Download Print this page

Motorola RFS6000 Reference Manual

Hide thumbs

Advertisement

Motorola RFS Series Wireless
LAN Switches
WiNG CLI Reference Guide

Advertisement

loading

  Related Manuals for Motorola RFS6000

  Summary of Contents for Motorola RFS6000

  • Page 1 Motorola RFS Series Wireless LAN Switches WiNG CLI Reference Guide...
  • Page 2 © 2009 Motorola, Inc. All rights reserved. MOTOROLA and the Stylized M Logo are registered in the US Patent & Trademark Office. Symbol is a registered trademark of Symbol Technologies, Inc. All other product or service names are the prop-...
  • Page 3: About This Guide

    The administrator should be familiar with wireless technologies, networking concepts, Ethernet concepts, IP addressing and SNMP. To avoid confusion amongst RFS6000 and RFS7000 CLI users, generic examples are used throughout this guide. These examples are relevant to each switch.
  • Page 4: How To Use This Guide

    Motorola RF Switch CLI Reference Guide The syntax, parameters and descriptions within this guide can also be used generically for a RFS6000 and RFS7000 model switch. However, some subtle differences do exist amongst these baselines. These differences are strongly noted within the specific commands impacted.
  • Page 5 Chapter Jump to this section if you want to... Chapter 10, “Crypto-map Understand the ( commands within the crypto-map) Instance” switch CLI. Chapter 11, “Crypto- Summarize the ( commands crypto trustpoint) trustpoint Instance” within the switch CLI. Chapter 12, “Interface Understand the ( commands within the config-if)
  • Page 6 Motorola RF Switch CLI Reference Guide Chapter Jump to this section if you want to... Chapter 24, “SOLE Instance” Review the instance commands (config-rtls-sole) within the switch CLI Chapter 25, “Smart RF Review the instance (config-wireless-smart-rf) Instance” commands within the switch CLI Chapter 26, “Role Instance”...
  • Page 7: Conventions Used In This Guide

    NOTE: Indicates tips or special requirements. CAUTION: Indicates conditions that can cause equipment damage or data loss. SWITCH NOTE: Indicates caveats unique to a RFS6000 or RFS7000 model switch. WARNING! Indicates a condition or procedure that could result in personal injury or equipment damage.
  • Page 8: Notational Conventions

    Motorola RF Switch CLI Reference Guide Notational Conventions The following notational conventions are used in this document: • Italics are used to highlight specific items in the general text, and to identify chapters and sections in this and related documents.
  • Page 9 xiii The pipe symbol. This is used to separate the variables/keywords in a list. For example, the command RFSwitch> show ..is documented as show [autoinstall|banner|ip|ldap|..] where: • set – The command • [autoinstall|banner|ip|ldap|..] – Indicates the different commands that can be combined with the show command. However, only one of the above list can be used at a time.
  • Page 10 Motorola RF Switch CLI Reference Guide Any command/keyword/variable or a combination of them inside a ‘{‘ & ‘}’ pair is optional. All optional commands follow the same conventions as listed above. However they are displayed itali- cized. For example, the command RFSwitch>...
  • Page 11 Motorola Service Information Use the Motorola Support Center as the primary contact for any technical problem, question, or support issue involving Motorola products. Motorola Support Center responds to calls by email, telephone or fax within the time limits set forth in individual contractual...
  • Page 12: General Information

    Motorola RF Switch CLI Reference Guide General Information For general information, contact Motorola at: Telephone (North America): 1-800-722-6234 Telephone (International): +1-631-738-5200 Website: http://www.motorola.com...
  • Page 13 OTHER LEGAL ENTITY, YOU REPRESENT AND WARRANT THAT YOU HAVE THE AUTHORITY TO BIND THAT COMPANY, PERSON OR ENTITY. 1. LICENSE GRANT. Subject to the terms of this Agreement, Motorola, Inc. and/or its subsidiaries ("Licensor") hereby grants Licensee a limited, personal, non-sublicensable, non transferable, non-exclusive license to use the software that Licensee is about to download or install and the documentation that accompanies it (collectively, the "Software") for...
  • Page 14: Contents -

    Motorola RF Switch CLI Reference Guide 3. INTELLECTUAL PROPERTY; CONTENT. All title and intellectual property rights in and to the Software (including but not limited to any images, photographs, animations, video, audio, music, text and "applets" incorporated into the Software), and any copies you are permitted to make herein are owned by Licensor or its suppliers.
  • Page 15 6. DISCLAIMER OF WARRANTIES. To the maximum extent permitted by applicable law, Licensor and its suppliers provide the Software and any (if any) Support Services AS IS AND WITH ALL FAULTS, and hereby disclaim all warranties and conditions, either express, implied or statutory, including, but not limited to, any (if any) implied warranties or conditions of merchantability, of fitness for a particular purpose, of lack of viruses, of accuracy or completeness of responses, of results, and of lack of negligence or lack of...
  • Page 16 "Restricted Rights" as provided for in FAR, 48 CFR 52.227-14 (JUNE 1987) or DFAR, 48 CFR 252.227- 7013 (OCT 1988), as applicable. The "Manufacturer" for purposes of these regulations is Motorola, Inc., One Symbol Plaza, Holtsville, NY 11742. 12. EXPORT RESTRICTIONS. Licensee shall comply with all export laws and restrictions and regulations of the Department of Commerce, the United States Department of Treasury Office of Foreign Assets Control ("OFAC"), or other United States or foreign agency or...
  • Page 17 waiver. This Agreement shall be governed by the laws of the State of New York without regard to the conflicts of law provisions thereof. The application the United Nations Convention of Contracts for the International Sale of Goods is expressly excluded. Unless waived by Licensor for a particular instance, any action or proceeding arising out of this Agreement must be brought exclusively in the state or federal courts of New York and Licensee hereby consents to the jurisdiction of such courts for any such action or proceeding.
  • Page 18 Motorola RF Switch CLI Reference Guide...
  • Page 19: Table Of Contents

    Contents Chapter 1. Introduction 1.1 CLI Overview ..............1-2 1.2 Getting Context Sensitive Help.
  • Page 20 TOC-2 Motorola RF Switch CLI Reference Guide 2.2.4 crypto ..............2-45 2.2.5 environment .
  • Page 21 Contents - TOC-3 2.2.42 clock ..............2-122 2.2.43 debugging .
  • Page 22 TOC-4 Motorola RF Switch CLI Reference Guide 4.1.1 acknowledge..............4-4 4.1.2 archive .
  • Page 23 Contents - TOC-5 Chapter 5. Global Configuration Commands 5.1 Global Configuration Commands ............5-2 5.1.1 aaa .
  • Page 24 TOC-6 Motorola RF Switch CLI Reference Guide 5.1.34 spanning-tree ............. . 5-107 5.1.35 timezone .
  • Page 25 Contents - TOC-7 7.1.5 help ............... . 7-7 7.1.6 service.
  • Page 26 TOC-8 Motorola RF Switch CLI Reference Guide Chapter 11. Crypto-trustpoint Instance 11.1 Trustpoint (PKI) Config Commands ........... . 11-1 11.1.1 clrscr .
  • Page 27 Contents - TOC-9 12.1.16 shutdown ..............12-28 12.1.17 spanning-tree .
  • Page 28 TOC-10 Motorola RF Switch CLI Reference Guide 14.1.8.1 Permitting IP Based Traffic ..........14-27 14.1.8.2 Permitting Telnet Based Traffic .
  • Page 29 Contents - TOC-11 16.1.6 mark ..............16-10 16.1.6.1 Example - Marking dot1p Priority Value for 802.1q Tagged Traffic .
  • Page 30 TOC-12 Motorola RF Switch CLI Reference Guide 17.1.22 option ..............17-29 17.1.23 service.
  • Page 31 Contents - TOC-13 19.1.7.5 guest-group ............19-12 19.1.7.6 help .
  • Page 32 TOC-14 Motorola RF Switch CLI Reference Guide 20.1.15 client ..............20-27 20.1.15.1 Configuring a Client .
  • Page 33 Contents - TOC-15 20.1.50 wlan ..............20-103 20.1.51 wlan-bw-allocation.
  • Page 34 TOC-16 Motorola RF Switch CLI Reference Guide 22.1.8 show ..............22-10 Chapter 23.
  • Page 35 Contents - TOC-17 25.1.7 help ............... 25-9 25.1.8 hold-time.
  • Page 36 TOC-18 Motorola RF Switch CLI Reference Guide...
  • Page 37: Chapter 1. Introduction

    This chapter describes the commands defined by the switch Command Line Interface (CLI). Access the CLI (on the supported RFS6000 and RFS7000 models) by running a terminal emulation program on a computer connected to the serial port on the front of the switch, or by using a Telnet session via secure shell (SSH) to access the switch over the network.
  • Page 38: Cli Overview

    RFS6000 or RFS7000 model used. Enter a question mark (?) at the system prompt to view a list of commands available for each command mode/instance.
  • Page 39 Introduction 1- Table 1.1 summarizes the commands available from the switch. Table 1.1 RF Switch CLI Hierarchy User Exec Mode Priv Exec Mode Global Configuration Mode clear acknowledge clrscr archive access-list cluster-cli autoinstall disable change-passwd banner enable clear boot exit clock bridge help...
  • Page 40 Motorola RF Switch CLI Reference Guide Table 1.1 RF Switch CLI Hierarchy User Exec Mode Priv Exec Mode Global Configuration Mode kill logging logout mkdir mac-address-table more mac-name management page ping prompt quit radius-server reload redundancy rename rtls rmdir service...
  • Page 41: Getting Context Sensitive Help

    Introduction 1- Table 1.1 RF Switch CLI Hierarchy User Exec Mode Priv Exec Mode Global Configuration Mode wireless-acl firewall network-element-id ratelimit role virtual-ip wwan 1.2 Getting Context Sensitive Help Enter a question mark (?) at the system prompt to display a list of commands available for each mode.
  • Page 42 Motorola RF Switch CLI Reference Guide Command Description (prompt)# command keyword ? Lists the next available syntax option for the command NOTE: The system prompt varies depending on which configuration mode you are in. NOTE: Enter Ctrl + V to use ? as a regular character and not as a character used for displaying context sensitive help.
  • Page 43: Using The No And Default Command Forms

    Introduction 1- It is possible to abbreviate commands and keywords to allow a unique abbreviation. For example, “configure terminal” can be abbreviated as . Since the abbreviated config t command is unique, the switch accepts the abbreviation and executes the command. Enter the help command (available in any command mode) to provide the following description: RFSwitch>help...
  • Page 44: Using Cli Editing Features And Shortcuts

    Motorola RF Switch CLI Reference Guide • Enter commands in uppercase, lowercase, or mixed case. Only passwords are case sensitive • If an instance name (or other parameter) contains whitespace, the name must be enclosed in quotes RFSwitch.(Cfg)> spol "Default Switch Policy"...
  • Page 45 Introduction 1- Table 1.2 Key Combinations Used to Move the Cursor Function Keystrokes Summary Function Details Left Arrow or Ctrl-B Back character Moves the cursor one character to the left When entering a command that extends beyond a single line, press the Left Arrow or Ctrl-B keys repeatedly to scroll back to the system prompt and verify the beginning of the command entry.
  • Page 46: Completing A Partial Command Name

    1-10 Motorola RF Switch CLI Reference Guide Function Keystrokes Summary Function Details Ctrl-Z Enters the command and returns to the root prompt Ctrl-L Refreshes the input line 1.4.2 Completing a Partial Command Name If you cannot remember a command name (or if you want to reduce the amount of typing you have to perform) enter the first few letters of a command, then press the Tab key.
  • Page 47: Deleting Entries

    Introduction 1- RFSwitch# co NOTE: The characters entered before the question mark are reprinted to the screen to complete the command entry. 1.4.3 Deleting Entries Use any of the following keys (or key combinations) to delete command entries: Keystrokes Purpose Backspace Deletes the character to the left of the cursor Ctrl-D...
  • Page 48: Transposing Mistyped Characters

    1-12 Motorola RF Switch CLI Reference Guide 1.4.6 Transposing Mistyped Characters If you have mistyped a command entry, you can transpose the mistyped characters. To transpose characters, use the following key combination: Keystrokes Purpose Ctrl-T Transposes the character to the left of the cursor with the character located at the cursor 1.4.7 Controlling Capitalization...
  • Page 49: Common Commands

    Common Commands This chapter describes the CLI commands used in the USER EXEC, PRIV EXEC, and GLOBAL CONFIG modes. The PRIV EXEC command set contains those commands available within the USER EXEC mode. Some commands can be entered in either mode. Commands entered in either USER EXEC mode or PRIV EXEC mode are referred to as EXEC mode commands.
  • Page 50: Clrscr

    Motorola RF Switch CLI Reference Guide 2.1.1 clrscr  Common Commands Clears the screen and refreshes the prompt (#) Supported in the following platforms: • RFS7000 • RFS6000 • RFS4000 Syntax clrscr Parameters None Example RFSwitch#clrscr RFSwitch#...
  • Page 51: Exit

    Common Commands 2.1.2 exit  Common Commands Ends the current mode and moves to the previous mode Supported in the following platforms: • RFS7000 • RFS6000 • RFS4000 Syntax exit Parameters None Example RFSwitch(config)#exit RFSwitch#...
  • Page 52: Help

    Motorola RF Switch CLI Reference Guide 2.1.3 help  Common Commands Use this command to access the advanced help feature. Use “?” anytime at the command prompt to access the help topic. Two kinds of help are provided: 1. Full help is available when ready to enter a command argument.
  • Page 53 Common Commands 2.1.4 no  Common Commands Negates a command or sets its defaults Supported in the following platforms: • RFS7000 • RFS6000 • RFS4000 Syntax Parameters None Example (User Exec) RFSwitch>no ? cluster-cli Cluster context mobile-unit mobile-unit index page...
  • Page 54 Motorola RF Switch CLI Reference Guide access-list Configure access-lists autoinstall autoinstall configuration command banner Reset login banner to nothing bridge Bridge group commands country-code Clear the currently configured country code. All existing configurations will be erased crypto encryption module errdisable...
  • Page 55: Service

    2.1.5 service  Common Commands Service commands are used to manage the switch configuration in all modes. Depending on the mode, different service commands will display. • RFS7000 • RFS6000 • RFS4000 Syntax (User Executable Mode) service [diag|encrypt|kill|locator|save-cli|show|undefine| wireless] service [locator|save-cli|undefine]...
  • Page 56 Motorola RF Switch CLI Reference Guide service show [cli|command-history|crash-info|diag|info| memory|process|reboot-history|rtls|startup-log| upgrade-history|watchdog] service show [cli|command-history|crash-info|info|memory| process|reboot-history|startup-log|upgrade-history| watchdog] service show diag [hardware|led-status|limits|period|stats| tech-support-period|tech-support-url|top] service show rtls [location-history|rfid] service show rtls location-history service show rtls rfid events reader {<1-48>} service undefine ecspec {<ECSpec-name>}...
  • Page 57 Common Commands Parameters (User Executable Mode) diag Diagnostics commands [enable|identify|limit| • enable – Enables in-service diagnostics period| • identify – Identifies a switch by flashing its LEDs tech-support-period| • limit [buffer|fan|filesys|inodes|load|maxFDs| tech-support-url] pkbuffers|procRAM|ram|routecache|temperature] – Sets the diagnostic limit command • buffer []<0-65535> – Configures the buffer usage warning limit.
  • Page 58 2-10 Motorola RF Switch CLI Reference Guide • routecache <0-65535> – Configures IP route cache usage. Set a value between 0 and 65553. • temperature <1-6> [critical|high|low] – Sets the number of temperature sensors for the switch. • critical <0.0 - 250.0> – Critical temperature limit •...
  • Page 59 Common Commands 2-11 save-cli Saves the CLI tree for all modes in HTML show [cli|command- Displays running system information history|crash-info|diag| • cli – Shows the CLI tree of the current mode info|memory|process| • command-history – Displays the command (except show reboot-history|rtls| commands) history startup-log|...
  • Page 60 2-12 Motorola RF Switch CLI Reference Guide • info – Shows a snapshot of available support information • memory – Shows memory statistics • watchdog – Shows watchdog status • process – Shows processes (sorted by memory usage) • reboot-history – Shows a reboot history •...
  • Page 61 Common Commands 2-13 service diag [enable|identify|limit|period| tech-support-period|tech-support-url] service encrypt secret 2 <pass-phrase> <plain-text> service firewall disable service firewall ip igmp snooping robustness-variable <1-7> service kill conncection {<1-64>} service pktcap on [bridge|deny|drop|interface|router|vlan] service pktcap on [bridge|drop] {[count <1- 1000000>|filter|hex|snap <1-1518>|verbose|write]} service pktcap on bridge filter on [<LINE>|arp|capwap|dst|ether|host|icmp|igmp|ip|ip6|l2|l3| l4|net|not|port|src|tcp|udp|vlan|wlan] service pktcap on bridge filter [arp|capwap|icmp|ip|ip6|...
  • Page 62 2-14 Motorola RF Switch CLI Reference Guide service pktcap on bridge filter src [<IP>|net <IP/MASK>| port <0-65536>] {[and|or] <LINE>} service pktcap on bridge filter tcp {[[and|or] <LINE>|[ack|fin|or|rst|syn] {[and|or] <LINE>]} service pktcap on bridge filter vlan <1-4095> {[and|or] <LINE>} service pktcap on bridge filter wlan <1-2> {[and|or] <LINE>} service pktcap on bridge [hex|verbose] {[count <1-1000000>|...
  • Page 63 Common Commands 2-15 service show rtls grid x <0-9000> y <0-9000> service show rtls rfid events reader {<1-48>} service show securitymgr flows [details|source] service show securitymgr flows details {source [<IP>|any] destination [<IP>|any] protocol [any|icmp|tcp|udp]} service show securitymgr flows source [<IP>|any] destination [<IP>|any] protocol [any|icmp|tcp|udp] service show smart-rf [debug-config|sensitivity] service show smart-rf debug-config...
  • Page 64 2-16 Motorola RF Switch CLI Reference Guide service smart-rf interference [<radio-mac>|<radio-index>| <radio-index-list>] service undefine ecspec {<SPECNAME>} service wireless [ap-history|clear-ap-log|custom-cli|dot11i| dump-core|enhanced-beacon-table|enhanced-probe-table| free-packet-watermark|idle-radio-send-multicast| legacy-load-balance|map-radios|radio-misc-cfg|rate-scale| request-ap-log|save-ap-log|snmp-trap-throttle| sync-radio-entries|vlan-cache] service wireless [dumpcore|legacy-load-balance|rate-scale| save-ap-log|sync-radio-entries] service wireless ap-history [clear|enable] service wireless clear-ap-log {<1-1024>} service wireless custom-cli [sh-wi-mobile-unit|sh-wi-radio]...
  • Page 65 Common Commands 2-17 service wireless radio-misc-cfg <hex-mask> service wireless request-ap-log <ap-index> service wireless snmp-trap-throttle <1-20> service wireless vlan-cache enable Parameters (Privilege Executable Mode) clear Performs a variety of reset functions [all|aplogs|clitree|cores| • all – Removes all core, dump and panic files dumps|fw|panics| •...
  • Page 66 2-18 Motorola RF Switch CLI Reference Guide copy tech-support Copies files for tech support purposes [<file>|<URL>] • tech-support [<file>|<URL>] [tftp|ftp|sftp] – Copies [tftp|ftp|sftp] extensive system information useful to technical support for troubleshooting. • FILE – File to which to copy •...
  • Page 67 Common Commands 2-19 diag [enable|identify| Sets or displays switch diagnostic values limit|period| • enable – Enables in-service diagnostics tech-support-period| • fanduty <40-100> – CPU fan PWM duty cycle. tech-support-url] Set a value between 40-100%. Setting a value below 60 is considered unreliable. •...
  • Page 68 2-20 Motorola RF Switch CLI Reference Guide • routecache <0-65535> – Configures IP route cache usage. Set between 0 and 65553. • temperature <1-6> [critical|high|low] – Sets the number of temperature sensors for the switch. • critical <0.0 - 250.0> – Critical temperature limit •...
  • Page 69 Common Commands 2-21 pktcap on Packet capturing [bridge|interface|router| • on – Defines the packet capture location vpn] • bridge [count|hex|snap|verbose|write|filter] – Captures [count|filter|verbose| packet at the bridge write] • count <1-1000000> – Limits the captured packet count • filter [<LINE>|arp|capwap|dst|ether|host|icmp|igmp| ip|ip6|l2|l3|l4|net|not|port|src|tcp|udp|vlan|wlan] –...
  • Page 70 2-22 Motorola RF Switch CLI Reference Guide • verbose <1-1000000> – Displays full packet body • filter – Captures the filter • snap <1-1518>– Captured data length • write [<FILE>|URL] – Captures to a file • FILE – File to which to copy •...
  • Page 71 Common Commands 2-23 • count <1-1000000> – Limits capture packet count • filter – Captures filter • verbose – Displays full packet body • write – Captures to a file • snap <1-1518> – Captured data length • hex – Show full packet body •...
  • Page 72 2-24 Motorola RF Switch CLI Reference Guide show [cli| Displays running system information command-history| • cli – Shows the CLI tree of the current mode crash-info|diag|fw|info| • command-history – Displays a command (except show ip|last-passwd|memory| commands) history pm|process| • crash-info – Displays information about core, panic and...
  • Page 73 Common Commands 2-25 • pm history – Process Monitor • history [WORD|all] – Displays state changes for a process, the time they happened and events • WORD – Process name • all – All processes • process – Shows processes (sorted by memory usage) •...
  • Page 74 2-26 Motorola RF Switch CLI Reference Guide show securitymgr flows Service Security Manager parameters • flows [details|source] – Sessions established • details – Shows detail flow statistics • source [A.B.C.D|any] – Shows the source IP address • [A.B.C.D|any] – Flows where source address is A.B.C.D or flows with any source address...
  • Page 75 Common Commands 2-27 smart-rf [clear- Displays Smart-RF Management Commands history|load-from- • clear-history– clears assignment history file|replay|rescue|restore| • load-from-file – load record from file save-to-file|simulate] • replay enable – set replay mode • enable – enable replay mode • rescue <MAC> – force rescue operation •...
  • Page 76 2-28 Motorola RF Switch CLI Reference Guide watchdog Enables the switch watchdog wireless [ap-history| Wireless parameters clear-ap-log • ap-history [clear|enable] – Access-port history |custom-cli|dot11i| • clear – Delete all history of all APs dump-core| • enable – Enable the tracking of AP history enhanced-beacon-table| •...
  • Page 77 Common Commands 2-29 • radio-desc – description of radio where the mobile- unit is associated • radio-id – The radio index to which the mobile-unit is associated • ssid – The ssid of the mobile-units wlan • state – The current state of the mobile-unit •...
  • Page 78 2-30 Motorola RF Switch CLI Reference Guide • num-mu – The number of mobile devices associated with this radio • power – The configured and current transmit power of the radio • pref-id – The adoption preference id of the radio •...
  • Page 79 Common Commands 2-31 • enhanced-probe-table [enable|erase-report|max-mu| preferred|window-time] – Enhanced probe table for MU locationing. • enable – Enables the Enhanced Probe Table feature for MU locationing. • erase-report – Erases the reports for Enhanced Probe Table feature. • max-mu <0-512> – Sets the maximum MUs in the Enhance Probe Table report.
  • Page 80 2-32 Motorola RF Switch CLI Reference Guide Syntax (Global Config Mode) (Global Config) service [advanced-vty|dhcp|diag|password-encryption|pm| prompt|radius|redundancy|set|show|terminal-length| watchdog] service [advanced-vty|dhcp|watchdog] service diag [enable|limit|period|tech-support-period| tech-support-url] service password-encryption secret 2 <pass-phrase> service pm sys-restart service prompt crash-info service radius {restart} service redundancy dynamic-ap-load-balance start service set [command-history|reboot-history|upgrade-history] <10-100>...
  • Page 81 Common Commands 2-33 pm sys-restart Process Monitor • sys-restart – Enables the PM to restart the system when a processes fails prompt crash-info Enable crash-info prompt • crash-info – Enables a crash-info prompt radius restart Enable radius server • restart – Restarts the radius server with an updated configuration redundancy dynamic-ap- Configure redundancy group parameters...
  • Page 82 2-34 Motorola RF Switch CLI Reference Guide Usage Guidelines set by the user cannot be disabled without knowing service password-encryption the old password. Refer the note below for more clarification. NOTE: The command used to no service password-encryption disable the encryption, now requires the user to know the old password.
  • Page 83 Common Commands 2-35 128k 128k byte buffer limit 16k byte buffer limit 1k byte buffer limit 256 byte buffer limit 2k byte buffer limit 32 byte buffer limit 32k byte buffer limit 4k byte buffer limit 512 byte buffer limit 64 byte buffer limit 64k byte buffer limit 8k byte buffer limit...
  • Page 84 2-36 Motorola RF Switch CLI Reference Guide May 23 19:06:59 2007 admin vty 131 enable May 23 14:36:09 2007 admin vty 130 enable May 21 16:37:13 2007 admin vty 130 enable May 21 16:34:36 2007 admin con 0 enable RFSwitch>service show reboot-history Configured size of reboot history is 50 Date &...
  • Page 85: Show

    If the current context contains instances, the show command (usually) displays a list of these instances. • When invoked with the display_parameter, it displays information about that component. Supported in the following platforms: • RFS7000 • RFS6000 • RFS4000 Syntax show <parameter> Parameters Display...
  • Page 86 2-38 Motorola RF Switch CLI Reference Guide Display Parameters Description Mode Example interfaces Displays the current interface status Common page 2-50 and configuration Displays the internet protocol Common page 2-52 ldap Displays the LDAP server Common page 2-59 configuration licenses...
  • Page 87 Common Commands 2-39 Display Parameters Description Mode Example redundancy Display configuration details for Common page 2-76 dynamic-ap-load- dynamic AP Load Balance balance redundancy group Displays redundancy group Common page 2-77 parameters redundancy Displays the state transition history Common page 2-80 history of the switch redundancy...
  • Page 88 2-40 Motorola RF Switch CLI Reference Guide Display Parameters Description Mode Example version Displays software and hardware Common page 2-98 version information wireless Displays wireless configuration Common page 2-99 commands wlan-acl Displays WLAN ACL information Common page 2-117 access-list Displays the access list Internet...
  • Page 89 Common Commands 2-41 Display Parameters Description Mode Example securitymgr Displays debug information for ACL, Privilege/ page 2-132 VPN and NAT Global Config sessions Displays currently open and active Privilege/ page 2-133 connections Global Config startup-config Displays the content of the startup Privilege/ page 2-134 configuration...
  • Page 90: Autoinstall

    2-42 Motorola RF Switch CLI Reference Guide 2.2.1 autoinstall  Common to all modes Displays the autoinstall configuration information Syntax show autoinstall status Parameters status Displays status of autoinstall Example RFSwitch>show autoinstall RFSwitch>feature enabled config --not-set-- cluster cfg yes --not-set--...
  • Page 91: Banner

    Common Commands 2-43 2.2.2 banner  Common to all modes Displays the message of the day string. This string can be used to alert the user to specific information that might be of interest. Syntax show banner motd Parameters motd Displays the Message of the Day banner Example RFSwitch>show banner motd...
  • Page 92: Commands

    2-44 Motorola RF Switch CLI Reference Guide 2.2.3 commands  Common to all modes Displays the available commands for the current mode Syntax RFSwitch>show commands Parameters None Example RFSwitch#show commands acknowledge alarm-log (all|<1-65535>) acknowledge alarm-log (all|<1-65535>) archive tar /create (FILE|URL) .FILE archive tar /create (FILE|URL) .FILE...
  • Page 93: Crypto

    Common Commands 2-45 2.2.4 crypto  Common to all modes Displays the encryption mode information Syntax show crypto[ipsec|isakmp|key|map|pki] show crypto ipsec[sa| security-association|transformset] show crypto isakmp[policy <1-10000>|sa] show crypto keymy pubkey rsa show crypto map[interface <interface-name>|tag <tag-name>] show crypto pki[request <trustpoint-name>|trustpoints] Parameters ipsec Displays the IPSEC policy...
  • Page 94 2-46 Motorola RF Switch CLI Reference Guide pki [request|trustpoints] Displays Public Key Infrastructure (PKI) commands • request <trustpoint-name> – Displays the certificate requests • trustpoints – Displays the trustpoints and their configuration Usage Guidelines The security engine periodically updates the IPSec and Isakamp statistics (every 60...
  • Page 95 Common Commands 2-47 Subject Name: Common Name: Symbol Technologies Issuer Name: Common Name: Symbol Technologies Valid From: Sep 13 16:14:49 2006 GMT Valid Until: Sep 13 16:14:49 2007 GMT Trustpoint :tptest ----------------------------------------------- CA certificate configured Subject Name: Common Name: monarch Organizational Unit: wid Organization: symbol...
  • Page 96: Environment

    2-48 Motorola RF Switch CLI Reference Guide 2.2.5 environment  Common to all modes Displays the environmental information such as fan speed, ambient temperature inside the switch and CPU temperature. Syntax show environment Parameters None Example RFSwitch>show environment upwind of CPU temperature : 30.0 C CPU die temperature : 49.0 C...
  • Page 97: History

    Common Commands 2-49 2.2.6 history  Common to all modes Displays the command history Syntax show history Parameters None Example RFSwitch>show history 1 admin 2 enable 3 con ter 4 exit 5 show autoinstall 6 con ter 7 show autoinstall 8 show banner 9 show banner motd 10 show command...
  • Page 98: Interfaces

    2-50 Motorola RF Switch CLI Reference Guide 2.2.7 interfaces  Common to all modes Displays the status of the different switch interfaces Syntax show interfaces [WORD|ge|me1|sa|switchport|vlan] Parameters show interfaces Displays the interface name [WORD|ge|me1|sa| • WORD– Displays interface name switchport|vlan] •...
  • Page 99 Output packets 0, bytes 0, dropped 0 Sent 0 broadcasts, 0 multicasts Output errors 0, collisions 0, late collisions 0, excessive collisions 0 RFS6000#show interfaces wan Interface wan Hardware Type PPP, Interface Mode Layer 3 index=8, metric=1, mtu=1500, (PAL-IF) <UP,POINTOPOINT,RUNNING,NOARP,MULTICAST >...
  • Page 100 2-52 Motorola RF Switch CLI Reference Guide 2.2.8 ip  Common to all modes Displays Internet Protocol (IP) related information Syntax show ip [access-group|arp|ddns|dhcp| dhcp-vendor-options|domain-name|dos|http|igmp|interface| name-server|nat|route|routing|ssh|telnet] show ip access-group [<interface-name>|all|ge|me1|role|sa| vlan <1-4094>] show ip arp show ip ddnsbinding show ip dhcp[binding|class|pool|sharednetwork|]...
  • Page 101 Common Commands 2-53 Parameters access-group Displays the ACLs attached to an interface [<interface-name> • <interface-name> – Enter the name of the interface to |all|ge|me1|role|sa|> which the ACL is associated. access-group lists the |vlan <1-4094>] details of the ACLs configured on the particular Layer 3 or Layer 2 interface.
  • Page 102 2-54 Motorola RF Switch CLI Reference Guide http Hyper Text Transfer Protocol (HTTP) [secure-server|server] • secure-server – Secure HTTP server • server – HTTP server interface [<interface- Use the show ip interface command to display the name>|brief|ge|me1|sa| administrative and operational status of all Layer-3 vlan] interfaces or a specified Layer-3 interface.
  • Page 103 Common Commands 2-55 route [<IP>|<IP/Mask> Display IP routing table entries |detail] • <IP> – Network in the IP routing table • <IP/Mask> – Number of valid bits in the network prefix IP prefix <network>/<length>, e.g., 35.0.0.0/8 • detail – Displays the IP routing table in detail routing IP routing status Secured Shell (SSH) server...
  • Page 104 2-56 Motorola RF Switch CLI Reference Guide interface. In this case, it is the physical interface that is disconnected not the virtual interface. When the ethernet interface comes back up, it will restart the DHCP client on any virtual interfaces (SVIs) of which the physical interface is a member port. This ensures if the interface was disconnected and reconnected to a different interface, it obtains a new IP address, route, name server, domain name etc.
  • Page 105 : motorola.com RFSwitch#show ip http server HTTP server: Running Config status: Enabled RFSwitch#show ip http secure-server HTTP secure server: Running Config status: Enabled Trustpoint: default-trustpoint RFSwitch#show ip interface brief RFS6000#show ip interface brief Interface IP-Address/Mask Status Protocol 10.1.1.100/24 down vlan1 192.168.1.1/24 vlan11 192.168.11.1/24...
  • Page 106 2-58 Motorola RF Switch CLI Reference Guide RFSwitch#show ip interface vlan 1 brief Interface IP-Address Status Protocol vlan1 157.235.208.233 (DHCP)up RFSwitch#show ip name-server 157.235.3.195 dynamic 157.235.3.196 dynamic RFSwitch#show ip routing IP routing is on RFSwitch(config)#show ip route detail Codes: K - kernel/icmp, C - connected, S - static, D - DHCP >...
  • Page 107: Ldap

    Common Commands 2-59 2.2.9 ldap  Common to all modes Displays LDAP information Syntax show ldap configuration [primary|secondary] Parameters ldap configuration Displays LDAP information. [primary|secondary] • Configuration [primary|secondary] – Sets the LDAP configuration server parameters • primary – Defines the Primary LDAP server •...
  • Page 108 2-60 Motorola RF Switch CLI Reference Guide (sAMAccountName=%{Stripped-User-Name:-%{User-Name}}) Bind DN cn=kumar,ou=symbol,dc=activedirectory,dc=com Base DN : ou=symbol,dc=activedirectory,dc=com Password : 0 symbol@123 Password Attribute : UserPassword Group Name : cn Group Membership Filter: (&(objectClass=group)(member=%{Ldap-UserDn})) Group Member Attr : radiusGroupName Net timeout : 1 second(s)
  • Page 109: Licenses

    Common Commands 2-61 2.2.10 licenses  Common to all modes Displays the different licenses installed on the switch Syntax show licenses Parameters None Example RFSwitch(config)#show licenses feature usage license string license value usage 2FFD7fE9 CD016155 14A92C70 48...
  • Page 110: Logging

    2-62 Motorola RF Switch CLI Reference Guide 2.2.11 logging  Common to all modes Displays logging status and other information Syntax show logging Parameters None Example RFSwitch(config)#show logging Logging module: enabled Aggregation time: disabled Console logging: level debugging Buffered logging: level informational...
  • Page 111: Mac

    Common Commands 2-63 2.2.12 mac  Common to all modes Shows all MAC information with respect to groups and access lists Syntax show mac [access-list|access-group] interface>|all|ge <1-4>| show mac access-group [< me1|sa <1-4>|vlan <1-4094>] Parameters mac [access-list Displays MAC information access-group] •...
  • Page 112: Mac-Address-Table

    2-64 Motorola RF Switch CLI Reference Guide 2.2.13 mac-address-table  Common to all modes Displays the MAC address table entries Syntax show mac-address-table Parameters None Example RFSwitch(config)#show mac-address-table Bridge VLAN Port ------------ ---- ------------ -------------- --- 00a0.f865.ea8f 1 0015.7038.0653 1 0015.7014.fec4 1...
  • Page 113: Management

    Common Commands 2-65 2.2.14 management  Common to all modes Displays the L3 management interface name Syntax show management Parameters None Example RFSwitch>show management Mgmt Interface: vlan1 Management access permitted via any vlan interface RFSwitch>...
  • Page 114: Mobility

    2-66 Motorola RF Switch CLI Reference Guide 2.2.15 mobility  Common to all modes Displays the mobility parameters Syntax show mobility [event-log|forwarding|global| mobile-unit|peer|statistics] show mobility event-log [mobile-unit|peer] show mobility forwarding <MAC> show mobility mobile-unit [MAC>|detail] show mobility peer [<IP>|detail] show mobility statistics <MAC>...
  • Page 115 Common Commands 2-67 global Global Mobility parameters mobile-unit Mobile-units in the Mobility Database peer Mobility peers statistics Mobile-unit Statistics RFSwitch(config)#show mobility event-log mobile-unit Time Event Evt-Src-IP MU-Mac MU-IP HS-IP CS-IP 09/14 19:17:52 IP-UPD-MU 00-0f-3d-e9-a6-54 157.235.208.134 157.235.208.16 157.235.208.16 09/14 19:17:51 ADD-MU 00-0f-3d-e9-a6-54 0.0.0.0 157.235.208.16 157.235.208.16 09/14 19:17:51 DEL-MU...
  • Page 116 2-68 Motorola RF Switch CLI Reference Guide Foreign MU Database: Total=0 RFSwitch(config)#show mobility peer detail Mobility Peers: Total=1, Established=0 Peer: 1.1.1.1, State: PASSIVE-CONNECTING Join-Sent : 0 Join-Rcvd : 0 Leave-Sent : 0 Leave-Rcvd Rehome-Sent: 0 Rehome-Rcvd: 0 L3roam-Sent: 0 L3roam-...
  • Page 117: Ntp

    Common Commands 2-69 2.2.16 ntp  Common to all modes Displays NTP protocol information Syntax show ntp [association|status] Parameters ntp [association Displays the Network Time Protocol (NTP) configuration detail|status] • association detail – Displays existing NTP associations • detail – Displays NTP association details •...
  • Page 118 2-70 Motorola RF Switch CLI Reference Guide rcv time 00000000.00000000 (Feb 07 06:28:16 UTC 2036) xmt time c8b42a7e.6eb04252 (Sep 14 19:22:38 UTC 2006) filtdelay = 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 RFSwitch>show ntp status Clock is synchronized, stratum 0, actual frequency is 0.0000 Hz, precision is 2^0 reference time is 00000000.00000000 (Feb 07 06:28:16 UTC...
  • Page 119: Port-Channel

    Common Commands 2-71 2.2.17 port-channel  Common to all modes Displays port-channel load-balance information • RFS7000 SWITCH NOTE: This command is not supported on: • RFS6000 • RFS4000 Syntax show port-channel load-balance Parameters load-balance Displays the existing load balancing configuration Example RFSwitch>show port-channel load-balance...
  • Page 120: Power

    Motorola RF Switch CLI Reference Guide 2.2.18 power  Common to all modes Displays the power configuration and status for the RFS6000 switch Supported in the following platforms: • RFS4000 • RFS6000 SWITCH NOTE: This command is not supported on: •...
  • Page 121: Privilege

    Common Commands 2-73 2.2.19 privilege  Common to all modes Displays the privileges of the current user Syntax show privilege Parameters None Example RFSwitch>show privilege Current user privilege: superuser RFSwitch>...
  • Page 122: Radius

    2-74 Motorola RF Switch CLI Reference Guide 2.2.20 radius  Common to all modes Displays RADIUS status and information Syntax show radius [configuration|eap configuration|group| A.B.C.D/M|proxy|rad-user|trust-point] Parameters radius [configuration| Displays RADIUS configuration commands eap configuration group| • configuration – RADIUS server configuration nas <IP/Mask>|proxy|...
  • Page 123 Common Commands 2-75 Proxy Realm Details ___________________ Realm : symbol.com IP Address : 10.10.10.5 Port : 1812 Shared secret : 0 secret123...
  • Page 124: Redundancy Dynamic-Ap-Load-Balance

    2-76 Motorola RF Switch CLI Reference Guide 2.2.21 redundancy dynamic-ap-load-balance  Common to all modes Displays the configuration for the Dynamic AP Load Balancing feature Supported in the following platforms: • RFS7000 • RFS6000 • RFS4000 Syntax show redundancy dynamic-ap-load-balance config...
  • Page 125: Redundancy Group

    Common Commands 2-77 2.2.22 redundancy group  Common to all modes This command displays the switch’s IP address, number of active neighbors, group license, installed license, cluster AP adoption count, switch adoption count, hold time, discovery time, heartbeat interval, cluster id and switch mode. In a cluster, this command displays the redundancy runtime and configuration of the “self-switch”.
  • Page 126 2-78 Motorola RF Switch CLI Reference Guide Redundancy Protocol Version : 2.0 Redundancy Group License : Not Applicable Cluster AP Adoption Count Switch AP Adoption Count : Not Applicable Redundancy State : Disabled Radio Portals adopted by Group : Not Applicable...
  • Page 127 Common Commands 2-79 Redundancy Protocol Version : 2.0 Redundancy Group License Cluster AP Adoption Count : Not Applicable Switch AP Adoption Count : Not Applicable Redundancy State : Disabled Radio Portals adopted by Group : Not Applicable Radio Portals adopted by this Switch : Not Applicable Rogue APs detected in this Group : Not Applicable Rogue APs detected by this Switch...
  • Page 128: Redundancy History

    2-80 Motorola RF Switch CLI Reference Guide 2.2.23 redundancy history  Common to all modes Displays the switch state transition history Syntax show redundancy history Parameters None Example RFSwitch>show redundancy history State Transition History Time Event Triggered state --------------------------------------------------------- Sat Oct 06 12:07:55...
  • Page 129: Redundancy Members

    Common Commands 2-81 2.2.24 redundancy members  Common to all modes Displays the member switches in the cluster. The user can provide the of the IP address switch in cluster whose information alone is needed. Syntax show redundancymembers [<IP>|brief] Parameters redundancymembers Displays member switches in the cluster [<IP>|brief]...
  • Page 130: Rtls

    2-82 Motorola RF Switch CLI Reference Guide 2.2.25 rtls  Common to all modes Displays the Real Time Locating System status and information Syntax show rtls [aeroscout|espi|filter|ekahau| reference-tags|rfid|site|sole|tags|zone]...
  • Page 131 Common Commands 2-83 Parameters rtls [aeroscout|espi|filter| Displays the Real Time Locating System status and ekahau| information. reference-tags| • aeroscout – Displays aeroscout configurations rfid|site|sole|tags|zone] • espi [adapter|ecspecs|subscriber|tags] – Displays ESPI configuration • adapter [active|ale-tcp] – Displays Adapter Configuration • active – Displays adapters that are currently active •...
  • Page 132 2-84 Motorola RF Switch CLI Reference Guide rtls tags [<tag-id>| Displays Tags/Assets (passive, active, wi-fi, uwb) aeroscout|all|ekahau|g2| Information mobile-unit| • <tag-id> – Displays detailed tag information for specific |rfid|uri|zone|] tag ID • aeroscout – Displays located aeroscout tags • all – Displays all tags •...
  • Page 133: Smtp-Notification

    Common Commands 2-85 2.2.26 smtp-notification  Common to all modes Displays the set smtp-notification parameters Syntax show smtp-notification traps Parameters traps Displays trap enable flags Example RFSwitch(config)#show smtp-notification traps ----------------------------------------------------------------- -Global enable flag for Trap SMTP-Notification Disabled ----------------------------------------------------------------- -Enable flag status for Individual Trap SMTP-Notification ----------------------------------------------------------------- --Module Type Trap Type...
  • Page 134 2-86 Motorola RF Switch CLI Reference Guide redundancy memberMisConfigured redundancy adoptionExceeded redundancy grpAuthLevelChanged redundancy resourceUp redundancy resourceDown misc lowFsSpace misc processMaxRestartsReached misc savedConfigModified misc serverCertExpired misc caCertExpired misc periodicHeartbeat misc switchEvent wireless station associated wireless station disassociated wireless station deniedAssociationOnCapability...
  • Page 135: Snmp

    Common Commands 2-87 2.2.27 snmp  Common to all modes Displays SNMP user information Syntax show snmp user [snmpmanager|snmpoperator|snmptrap] Parameters snmp user Displays SNMP user information [snmpmanager| • snmpmanager – Shows SNMP manager information snmpoperator|snmptrap • snmpoperator – Shows SNMP operator information •...
  • Page 136: Snmp-Server

    2-88 Motorola RF Switch CLI Reference Guide 2.2.28 snmp-server  Common to all modes Displays SNMP server information Syntax show snmp-server traps wireless-statistics[mesh|mobile-unit| radio|wireless-switch|wlan] Parameters traps wireless-statistics Displays existing wireless-stats rate trap enabled flags [mesh| • mesh – Displays existing mesh rate traps mobile-unit| radio| •...
  • Page 137 Common Commands 2-89 redundancy grpAuthLevelChanged misc lowFsSpace misc processMaxRestartsReached wireless station associated wireless station disassociated wireless station deniedAssociationOnCapability wireless station deniedAssociationOnShortPream wireless station deniedAssociationOnSpectrum wireless station deniedAssociationOnErr wireless station deniedAssociationOnSSID wireless station deniedAssociationOnRates wireless station deniedAssociationOnInvalidWPAWPA2IE wireless station deniedAssociationAsPortCapacityReached wireless station tkipCounterMeasures wireless station deniedAuthentication...
  • Page 138 2-90 Motorola RF Switch CLI Reference Guide gave-up-percent-greater-than disabled avg-retry-greater-than disabled undecrypt-percent-greater-than disabled num-stations-greater-than disabled RFSwitch> RFSwitch>show snmp-server traps wireless-statistics wireless-switch pktsps-greater-than disabled tput-greater-than disabled num-stations-greater-than disabled RFSwitch> RFSwitch>show snmp-server traps wireless-statistics wlan pktsps-greater-than disabled tput-greater-than disabled avg-bit-speed-less-than disabled avg-signal-less-than...
  • Page 139: Spanning-Tree

    Common Commands 2-91 2.2.29 spanning-tree  Common to all modes Displays Spanning Tree information Syntax show spanning-tree mst [config|detail|instance] show spanning-tree mst detail interface [<interface-name>|ge|me1|sa|vlan <1-4094>] show spanning-tree mst instance <1-15> interface <IF NAME>||vlan <1-4094>}] Parameters config Displays MST configuration information detail interface Displays detailed interface information [<interface-name>|...
  • Page 140 2-92 Motorola RF Switch CLI Reference Guide %------------------------------------------------------ RFSwitch(config)# RFSwitch(config)#show spanning-tree mst detail interface ge % Bridge up - Spanning Tree Enabled % CIST Root Path Cost 0 - CIST Root Port 0 - CIST Bridge Priority 32768 % Forward Delay 15 - Hello Time 2 - Max Age 20 - Max-hops 20...
  • Page 141: Static-Channel-Group

     Common to all modes Displays the members of the static channel groups Supported in the following platforms: • RFS7000 • RFS4000 SWITCH NOTE: This command is not supported in: • RFS6000 Syntax show static-channel-group Parameters None Example RFSwitch(config)#show static-channel-group...
  • Page 142: Terminal

    2-94 Motorola RF Switch CLI Reference Guide 2.2.31 terminal  Common to all modes Displays the terminal information for the device Syntax show terminal Parameters None Example RFSwitch>show terminal Terminal Type: vt102 Length: 44 Width: 125 RFSwitch>...
  • Page 143: Timezone

    Common Commands 2-95 2.2.32 timezone  Common to all modes Displays the timezone set on the device Syntax show timezone Parameters None Example RFSwitch>show timezone Timezone is Etc/UTC RFSwitch>...
  • Page 144: Traffic-Shape

    2-96 Motorola RF Switch CLI Reference Guide 2.2.33 traffic-shape  Common to all modes Displays traffic shaping parameters Supported in the following platforms: • RFS7000 SWITCH NOTE: This command is not supported in: • RFS6000 Syntax show traffic-shape [config|priority-map|statistics] Parameters •...
  • Page 145: Users

    Common Commands 2-97 2.2.34 users  Common to all modes Displays a list of users connected to the device Syntax show users Parameters None Example RFSwitch>show users Line User Uptime Location 0 con 0 316 admin 06:08:11 ttyS0 130 vty 0 2308 admin 00:35:18 RFSwitch>...
  • Page 146: Version

    2-98 Motorola RF Switch CLI Reference Guide 2.2.35 version  Common to all modes Displays the current software & hardware version on the device Syntax show version {verbose} Parameters verbose Displays software and hardware version information Example RFSwitch>show version RFSwitch version 3.2.0.0-024D MIB=01a Copyright (c) 2006-2007 Motorola, Inc.
  • Page 147: Wireless

    Common to all modes range differs from switch to switch. radio-group • RFS7000 – Supports a range between 0-255 • RFS6000 – Supports a range between 0-64 • RFS4000 – Supports a range between 1-6 Displays the wireless configuration parameters and information Syntax...
  • Page 148 2-100 Motorola RF Switch CLI Reference Guide show wireless mesh statistics {<1-32> {detail}} show wireless mobile-unit {[<1-8192>|<MAC>|association- history|association-stats|probe-history|radio| roaming|statistics|voice|wlan]} show wireless mobile-unit [<1-8192>|<MAC>|association-stats] show wireless mobile-unit association-history {<MAC>} show wireless mobile-unit probe-history [<1-200>|config- list] show wireless mobile-unit radio <1-4096> show wireless mobile-unit roaming database show wireless mobile-unit statistics [<1-4096>|<MAC>...
  • Page 149 Common Commands 2-101 show wireless wips [configured-ap-def-essids| configured-bad-essids|fake-ap-flood|filter-list| suspicious-ap] Parameters aap-version Displays the minimum adaptive firmware version string ap [<1-48>|<MAC>| Status of the adopted access port config [<1-48>|<MAC>]] • <1-48> – Defines the index of the access port • <MAC> – Sets the MAC address of a access port •...
  • Page 150 2-102 Motorola RF Switch CLI Reference Guide channel-power Lists the channels and power levels available for a radio [11a|11b|11bg] • 11a – Defines the radio as 802.11a [indoor|outdoor] • 11b – Defines the radio as 802.11b • 11bg – Defines the radio as 802.11bg These options are available for all the above radio types: •...
  • Page 151 Common Commands 2-103 ignored-aps Displays list of ignored-aps detected by the switch known {ap statistics Displays known AP parameters. {<1-1024>}} • ap – Optional. Defines a known AP index <1-1024> • statistics – Optional. Displays known adaptive AP stats • <1-1024> – Optional. Displays adaptive ap statistics for known adaptive APs between 1-1024 mac-auth-local Displays mac-auth-local entries for index <1-1000>.
  • Page 152 2-104 Motorola RF Switch CLI Reference Guide mobile-unit {[<1- Displays the parameters of associated mobile units. All 8192>|<MAC>|associatio parameters are optional. n-history| • <1-8192> – Index of mobile unit association-stats|probe- • <MAC> – MAC address of mobile unit history|radio|roaming|sta • association-history {<MAC>}– Displays the association...
  • Page 153 Common Commands 2-105 multicast-packet-limit Displays the multicast-packet-limit non-preferred-ap- Displays non preferred AP attempt threshold attempts-threshold phrase-to-key Displays the WEP keys generated by a passphrase [wep128|wep64] • wep128 – Displays WEP128 keys <pass-phrase> • wep64 – Displays WEP64 keys • <pass-phrase> – The passphrase to generate the keys for.
  • Page 154 2-106 Motorola RF Switch CLI Reference Guide radio {[<1-4096>| Radio related commands. All parameters are optional. admission-control|all| • <1-4096> – Defines information on a single radio’s index beacon-table|config| • admission-control voice {<1-4096>} – Displays summary monitor-table|statistics| information for all radios that have admission control unadopted|uptime|voice] enabled.
  • Page 155 Common Commands 2-107 • unadopted – Displays a list of unadopted radios • uptime – Displays the uptime of all adopted radios • voice <1-4094> – Displays voice call details • <1-4094> – Optional. Defines a single radio’s index radio-group {<1-256>} Displays radios in specified group •...
  • Page 156 2-108 Motorola RF Switch CLI Reference Guide smart-rf Displays smart-rf related management information [calibration-status| • calibration-status – Displays smart-rf calibration status. configuration| • configuration – Displays smart-rf configuration history|radio] information • history – Displays smart-rf assignment history since last calibration •...
  • Page 157 Common Commands 2-109 wlan [config|statistics] Displays wireless LAN parameters. The following information is displayed: • config [<1-256>|all|enabled] – Displays the wireless LAN configuration information. All parameters optional. • <1-256> – The selected wlan • all – all wlans in the configuration •...
  • Page 158 2-110 Motorola RF Switch CLI Reference Guide (config-wireless) Executable Mode Displays the (config- wireless) configuration parameters and information Syntax show wireless ap [LIST|config] show wireless config [<1-1024>|LIST] show wireless radio [<1-4096>|admission-control|all| beacon-table|config|monitor-table|statistics|unadopted| uptime|voice]} show wireless wlan [config|statistics] show wireless wlan config [<1-256>|all|enabled] show wireless wlan statistics <1-256>...
  • Page 159 Common Commands 2-111 show wireless wlan Configures wireless LAN related parameters [config • config [<1-256>|all|enabled] – Configures wlan {all|enabled}| statistics • <1-256> – Displays wlan index detail} <1-256> • all – Displays all the configured wlans • enabled – Displays only the currently enabled wlans •...
  • Page 160 2-112 Motorola RF Switch CLI Reference Guide RFSwitch>show wireless approved-aps access-port detection is disabled RFSwitch> RFSwitch>show wireless channel-power 11a indoor RFSwitch> RFSwitch(config)#show wireless config country-code : None secure-wispe-default-secret default adoption-pref-id proxy-arp : enabled adopt-unconf-radio : enabled dot11-shared-key-auth : disabled ap-detection...
  • Page 161 Common Commands 2-113 association-requests disassociations authentication-fails crypto-replay-fails 80211-replay-fails decryption-fails unassoc-frames eap-starts eap-naks eap-flood Anomaly Detection: null-destination disabled same-source-destination disabled multicast-source disabled weak-wep-iv disabled tkip-countermeasures enabled invalid-frame-length enabled invalid-8021x-frame disabled invalid-frame-type enabled beacon-broadcast-essid disabled bad-essid-frame enabled unencrypted-traffic enabled non-changing-wep-iv enabled detect-adhoc-networks disabled deauth-broadcast-smac enabled...
  • Page 162 2-114 Motorola RF Switch CLI Reference Guide Total Rx Tx 30s 1hr 30s 1hr 30s 1hr Pkts per sec: 1.73 0.00 0.87 0.00 0.87 0.00 pps Throughput: 0.00 0.00 0.00 0.00 0.00 0.00 Mbps Avg bit speed: 9.19 0.00 Mbps...
  • Page 163 Common Commands 2-115 00-0E-9B-98-F9-34 1 4280716777 Unassociation 00-0E-9B-98-F9-34 1 4280717937 Association RFSwitch(config)# RFSwitch(config)#show wireless mobile-unit radio 1 index MAC-address radio type wlan vlan/tunnel ready IP- address last active Posture Status 00-0E-9B-98-F9-34 1 11g 1 vlan 1 192.168.2.45 0 Sec Listed 1 of a total of 1 mobile-units RFSwitch(config)# RFS7000>show wireless wlan config #enabled...
  • Page 164 2-116 Motorola RF Switch CLI Reference Guide rate-limit: wired-to-wireless: unlimited wireless-to-wired: unlimited Client Bridge Backhaul is disabled on this WLAN This WLAN is an extended WLAN NAC Mode: none RFSwitch(config)# RFS7000(config-wireless)#show wireless ap Number of access-ports adopted Number of AAPs adopted...
  • Page 165: Wlan-Acl

    Common Commands 2-117 2.2.37 wlan-acl  Common to all modes Displays the WLAN based access control list information Syntax show wlan-acl [<1-256>|all] Parameters wlan-acl [ <1-256>|all] Displays WLAN based access control list information • <1-256> – Displays ACLs attached to the specified WLAN ID •...
  • Page 166: Access-List

    2-118 Motorola RF Switch CLI Reference Guide 2.2.38 access-list  Privilege / Global Config Displays the access lists (numbered and named) configured on the switch. The numbered access list displays numbered ACLs. The named access list displays named ACL details.
  • Page 167: Aclstats

    Common Commands 2-119 2.2.39 aclstats  Privilege / Global Config Displays the statistics of configured access lists Syntax show aclstats [access-list|vlan <1-4094>] show aclstats {<1-99>|<100-199>|<1300-1999>|<2000-2699>| <acl-name>} show aclstats vlan <1-4094> Parameters access-list {<1- Displays configured access lists. 99>|<100-199>|<1300- • <1-99> - IP standard access list 1999>|<2000-2699>| •...
  • Page 168: Alarm-Log

    2-120 Motorola RF Switch CLI Reference Guide 2.2.40 alarm-log  Privilege / Global Config Displays the contents of the alarm log on the device Syntax show alarm-log {<1-65535>|acknowledged|all|count|new| severity-to-limit} show alarm-log severity-to-limit {critical| informational|major|normal|warning} Parameters alarm-log [<1-65535>| Displays the contents of the alarm log on the device.
  • Page 169: Boot

    Common Commands 2-121 2.2.41 boot  Privilege / Global Config Displays the boot configuration of the device Syntax show boot Parameters None Example RFSwitch#show boot Image Build Date Install Date Version ----- -------------------- -------------------- ------ -------- Primary Oct 16 03:55:43 2008 Sep 15 00:53:56 2008 1.3.0.0-018B Secondary...
  • Page 170: Clock

    2-122 Motorola RF Switch CLI Reference Guide 2.2.42 clock  Privilege / Global Config Displays the system clock Syntax show clock Parameters None Example RFSwitch#show clock Jun 01 00:51:34 UTC 2007 RFSwitch#...
  • Page 171: Debugging

    Common Commands 2-123 2.2.43 debugging  Privilege / Global Config Displays the debugging configuration information Syntax show debugging mstp Parameters mstp Displays the current MSTP configuration Example RFSwitch(config)#show debugging mstp MSTP debugging status: RFSwitch(config)#...
  • Page 172: Dhcp

    2-124 Motorola RF Switch CLI Reference Guide 2.2.44 dhcp  Privilege / Global Config Displays existing DHCP server configurations Syntax show dhcp [config|status] Parameters config Displays the current DHCP server configuration status Displays whether the DHCP server is running Example...
  • Page 173: File

    Common Commands 2-125 2.2.45 file  Privilege / Global Config Displays the file system information Syntax show file [information|systems] Parameters file Displays the filesystem information. [information|systems] • information <FILE> Displays file information • <FILE> Displays the information on file • systems Lists existing filesystems Example RFSwitch#show file systems...
  • Page 174: Ftp

    2-126 Motorola RF Switch CLI Reference Guide 2.2.46 ftp  Privilege / Global Config Displays the FTP server configuration Syntax show ftp Parameters None Example RFSwitch#show ftp FTP Server: Disabled User Name: anonymous or ftpuser Password: ******** Root dir: flash:/...
  • Page 175: Password-Encryption

    Common Commands 2-127 2.2.47 password-encryption  Privilege / Global Config Displays the global password encryption status Syntax show password-encryption status Parameters status Displays the existing password-encryption status Example RFSwitch#show password-encryption status Password encryption is disabled RFSwitch#...
  • Page 176: Running-Config

    2-128 Motorola RF Switch CLI Reference Guide 2.2.48 running-config  Privilege / Global Config Displays the contents of those configuration files wherein all configured MAC and IP access lists are applied to an interface Syntax show running-config [full|include-factory] Parameters running-config...
  • Page 177 Common Commands 2-129 snmp-server engineid netsnmp 6b8b456749d9e5c1 snmp-server sysname RFS7000 snmp-server manager v2 snmp-server manager v3 snmp-server user snmptrap v3 encrypted auth md5 0x22b4e8506bf66b435abdde2 b996e8100 snmp-server user snmpmanager v3 encrypted auth md5 0x22b4e8506bf66b435abd de2b996e8100 snmp-server user snmpoperator v3 encrypted auth md5 0x0153e87f2d43032f221 b1f3e340942d2 firewall dhcp-snoop-conflict-detection disable...
  • Page 178 2-130 Motorola RF Switch CLI Reference Guide ip dhcp trust interface me1 ip address 10.1.1.100/24 interface vlan1 ip address 172.16.10.2/24 rtls rfid espi sole line con 0 line vty 0 24 RFSwitch(Config)# RFSwitch(config)#show running-config include-factory ! configuration of RFSwitch version 4.0.0.0-008D version 1.0...
  • Page 179 Common Commands 2-131 spanning-tree mst config name My Name no management secure ip domain-lookup service diag period 1000 service diag enable country-code us redundancy group-id 1 redundancy interface-ip 0.0.0.0 redundancy mode primary redundancy hold-period 15 redundancy heartbeat-period 5 redundancy discovery-period 30 no redundancy handle-stp enable no redundancy dhcp-server enable no redundancy enable...
  • Page 180: Securitymgr

    2-132 Motorola RF Switch CLI Reference Guide 2.2.49 securitymgr  Privilege / Global Config Displays the security manager event-logs Syntax show securitymgr event-logs Parameters None Example RFSwitch#show securitymgr event-log RFSwitch#...
  • Page 181: Sessions

    Common Commands 2-133 2.2.50 sessions  Privilege / Global Config Displays the list of current active open sessions on the device Syntax show sessions Parameters None Example RFSwitch#show sessions SESSION USER LOCATION IDLE START TIME Console 06:24m May 31 18:31:36 2007 ** 2 10.10.10.1 00:00m...
  • Page 182: Startup-Config

    2-134 Motorola RF Switch CLI Reference Guide 2.2.51 startup-config  Privilege / Global Config Displays the complete startup configuration script on the console Syntax show startup-config Parameters None Example RFS7000(config)#show startup-config ! configuration of RFS7000 version 4.1.0.0-003D version 1.3 aaa authentication login default local none...
  • Page 183 Common Commands 2-135 snmp-server user snmptrap v3 encrypted auth md5 0x22b4e8506bf66b435abdde2 b996e8100 snmp-server user snmpmanager v3 encrypted auth md5 0x22b4e8506bf66b435abd de2b996e8100 snmp-server user snmpoperator v3 encrypted auth md5 0x0153e87f2d43032f221 b1f3e340942d2 firewall dhcp-snoop-conflict-detection disable firewall dhcp-snoop-conflict-logging disable ip http server ip http secure-trustpoint default-trustpoint ip http secure-server ip ssh ip telnet...
  • Page 184 2-136 Motorola RF Switch CLI Reference Guide interface vlan1 ip address 172.16.10.2/24 rtls rfid espi sole line con 0 line vty 0 24 RFS7000(config)#...
  • Page 185: Upgrade-Status

    Common Commands 2-137 2.2.52 upgrade-status  Privilege / Global Config Displays the last image-upgrade status Syntax show upgrade-status {detail} Parameters None Example RFSwitch#show upgrade-status Last Image Upgrade Status : Successful Last Image Upgrade Time : Mon May 21 16:27:40 2007 RFSwitch#...
  • Page 186: Mac-Name

    2-138 Motorola RF Switch CLI Reference Guide 2.2.53 mac-name  User /Privilege Exec Displays the configured MAC name Supported in the following platforms: • RFS7000 • RFS6000 • RFS4000 Syntax show mac-name Parameters None Example RFSwitch(config-wireless)#show mac-name Index MAC Address...
  • Page 187: Firewall

    Common Commands 2-139 2.2.54 firewall  Priv Exe Mode Displays wireless firewall Supported in the following platforms: • RFS7000 • RFS6000 • RFS4000 Syntax show firewall [config|dhcp|flow] show firewall [config|dhcp snoop-table|flow timeouts] Parameters firewall [config|dhcp Displays firewall configuration information. snoop-table| •...
  • Page 188: Role

    2-140 Motorola RF Switch CLI Reference Guide 2.2.55 role  Priv Exe Mode Displays existing role name Supported in the following platforms: • RFS7000 • RFS6000 • RFS4000 Syntax show role [<role-name>|mobile-units] Parameters role [<role-name>| Displays existing role name mobile-units] •...
  • Page 189 2.2.56 virtual-IP  Global Config Mode Displays all the virtual-IPs present in the configuration Supported in the following platforms: • RFS7000 • RFS6000 • RFS4000 Syntax show virtual-ip [config|status] Parameters show virtual-ip Displays all the virtual-ip’s present in the configuration.
  • Page 190: Virtual-Ip

    2-142 Motorola RF Switch CLI Reference Guide RFS7000>show virtual-ip config RFS7K-1(config)#show virtual-ip config Virtual-IP Status : Enabled Cluster Redundancy Status : Enabled Priority Selection Mode : Automatic Learning Timeout(sec) Advertisement Timeout(sec) Gratuitous ARP Timeout(sec) : 180 Virtual-IP Server Port : 51525 Switch IP : 192.168.11.4...
  • Page 191 Common Commands 2-143 Total Number of Peers Peer Status Information +--------------------------------------------------------- -------------+ Peer IP Status Advts Sent Advts Recvd +--------------------------------------------------------- -------------+ | 192.168.11.5 | Slave 600214 +--------------------------------------------------------- -------------+ Virtual IP Master Details +--------------------------------------------------+ | Vlan | Priority | SwitchID Virtual IP ---------------------------------------------------+ | 3232238340| 192.168.11.4|...
  • Page 192 2-144 Motorola RF Switch CLI Reference Guide RFS7K-1(config)#no virtual-ip vmac Removes the configured vmac on the switch...
  • Page 193: Wwan

    [config|dns-server] Parameters config Displays wwan signal configuration dns-server Displays wwan DNS server addresses Example RFS6000#show wwan config Access Port Name : isp.cingular Auth-type: chap Username : isp@cingulargprs.com RFS6000# RFS6000#show wwan dns-server Preferred DNS server : 209.183.54.151 Alternate DNS server : 209.183.54.151...
  • Page 194 2-146 Motorola RF Switch CLI Reference Guide output errors 0, aborted 0, carrier 0, fifo 0, heartbeat 0, window 0 collisions 0 RFS6000# RFS6000#show ip interface brief Interface IP-Address/Mask Status Protocol 10.1.1.100/24 down vlan1 192.168.1.1/24 vlan11 192.168.11.1/24 vlan2 64.171.249.249/24 166.129.246.245/32 up...
  • Page 195: Aap-Wlan-Acl

    [<1-256>|all] Parameters aap-wlan-acl [<1-32>|all] Applies an ACL on wlan for an aap. • <1-32> – Displays ACLs attached to the specified wlan id for aap • all – Displays ACLs attached to wlan port Example RFS6000(config)#show aap-wlan-acl 8 RFS6000(config)#...
  • Page 196: Aap-Wlan-Acl-Stats

    2-148 Motorola RF Switch CLI Reference Guide 2.2.59 aap-wlan-acl-stats  Privilege / Global Config Displays the acl stats for wlan Supported in the following platforms: • RFS7000 • RFS6000 • RFS4000 Syntax show aap-wlan-acl-stats Parameters aap-wlan-acl-stats Displays IP filtering wlan based statistics...
  • Page 197: Protocol-List

    Common Commands 2-149 2.2.60 protocol-list  Common to all Modes Displays the list of protocols Supported in the following platforms: • RFS7000 • RFS6000 Syntax show protocol-list Parameters show protocol-list Displays the list of protocols Example RFS6000(config)#show protocol-list Protocol Name...
  • Page 198: Service-List

    2-150 Motorola RF Switch CLI Reference Guide 2.2.61 service-list  Common to all Modes Displays the list of services Supported in the following platforms: • RFS7000 • RFS6000 • RFS4000 Syntax show service-list Parameters show service-list Displays the list of services...
  • Page 199 Common Commands 2-151...
  • Page 200 2-152 Motorola RF Switch CLI Reference Guide...
  • Page 201: Chapter 3. User Exec Commands

    User Exec Commands Logging in to the switch places you within the USER EXEC command mode. Typically, a login requires a user name and password. You have three login attempts before a connection attempt is refused. USER EXEC commands (available at the user level) are a subset of the commands available at the privileged level.
  • Page 202 Motorola RF Switch CLI Reference Guide Table 3.1 User Exec Mode Command Summary Command Description Ref. exit Ends the current mode and moves down to the page 2-3 previous mode help Describes the interactive help system page 2-4 logout Exits the EXEC mode...
  • Page 203 • ge <1-5> – Available only in RFS4000 • ge <1-8> – Available only in RFS6000 • me1 – Available in both RFS7000 and RFS6000 • up1 – Available only in RFS6000 • sa <1-4> – Available only in RFS7000 •...
  • Page 204 Motorola RF Switch CLI Reference Guide Parameters crypto [ipsec|isakmp] sa Clears IPSec/ISAKMP SAs for a given peer {<IP>} • ipsec sa {<IP> } – Clears IPSec SA’s • isakmp sa {<IP> } – Clears ISAKMP SA’s • sa – Clears all IPSec/ISAKMP SA's •...
  • Page 205: Cluster-Cli

    A new context redundancy supports the cluster-cli. Any commands executed under this context are executed on all members of the cluster. Supported in the following platforms: • RFS7000 • RFS6000 • RFS4000 Syntax cluster-cli enable Parameters enable Enables the cluster context Example RFSwitch>...
  • Page 206: Disable

    Motorola RF Switch CLI Reference Guide 3.1.3 disable  User Exec Commands Enables the PRIV mode to use the disable command. Use the command to exit disable the PRIV mode Supported in the following platforms: • RFS7000 • RFS6000 • RFS4000...
  • Page 207: Enable

    User Exec Commands 3.1.4 enable  User Exec Commands Use the enable command to enter the PRIV mode Supported in the following platforms: • RFS7000 • RFS6000 • RFS4000 Syntax enable Parameters None Example RFSwitch>enable RFSwitch#...
  • Page 208: Logout

    Motorola RF Switch CLI Reference Guide 3.1.5 logout  User Exec Commands Use this command instead of the command to exit the EXEC mode exit Supported in the following platforms: • RFS7000 • RFS6000 • RFS4000 Syntax logout Parameters None...
  • Page 209: Page

    Use the command to toggle the switch paging function. Enabling this command displays the CLI command output page by page, instead of running the entire output at once. Supported in the following platforms: • RFS7000 • RFS6000 • RFS4000 Syntax page...
  • Page 210: Ping

    3-10 Motorola RF Switch CLI Reference Guide 3.1.7 ping  User Exec Commands Sends ICMP echo messages to a user-specified location Supported in the following platforms: • RFS7000 • RFS6000 • RFS4000 Syntax ping {[<IP>|<hostname>]} Parameters ping {[<IP>|<hostname>]} Pings the specified destination IP address or hostname.
  • Page 211: Quit

    3-11 3.1.8 quit  User Exec Commands Use this command to exit the current mode and move to the previous mode Supported in the following platforms: • RFS7000 • RFS6000 • RFS4000 Syntax quit Parameters None Example The switch logs off upon execution of the command...
  • Page 212: Telnet

    3-12 Motorola RF Switch CLI Reference Guide 3.1.9 telnet  User Exec Commands Opens a telnet session Supported in the following platforms: • RFS7000 • RFS6000 • RFS4000 Syntax telnet <IP> port Parameters telnet <IP> port Defines the IP address or hostname of a remote system •...
  • Page 213: Terminal

    3-13 3.1.10 terminal  User Exec Commands Sets the length/number of lines displayed within the terminal window Supported in the following platforms: • RFS7000 • RFS6000 • RFS4000 Syntax terminal [length <0-512>|no [length <0-512>|width]| width <0-512>] Parameters length <0-512> Sets the number of lines on a screen no [length <0-512>|...
  • Page 214: Traceroute

    3-14 Motorola RF Switch CLI Reference Guide 3.1.11 traceroute  User Exec Commands Traces the route to its defined destination Supported in the following platforms: • RFS7000 • RFS6000 • RFS4000 Syntax traceroute [[<IP>|<hostname>]|ip [<IP>|<hostname>]] Parameters [<IP>|<hostname>] Traces the route to a destination IP address or a hostname ip [<IP>|<hostname>]...
  • Page 215: Chapter 4. Privileged Exec Commands

    Privileged Exec Commands Most PRIV EXEC commands set operating parameters. Privileged-level access should be password protected to prevent unauthorized use. The PRIV EXEC command set includes commands contained within the USER EXEC mode. The PRIV EXEC mode also provides access to configuration modes, and includes advanced testing commands. The PRIV EXEC mode prompt consists of the host name of the device followed by a pound sign (#).
  • Page 216 Motorola RF Switch CLI Reference Guide Table 4.1 Priv Exec Mode Command Summary Command Description Ref. clear Resets switch functions to last saved configuration page 4-9 clock Configures the software system clock page 4-13 clrscr Clears the displayed screen page 2-2...
  • Page 217 Privileged Exec Commands Table 4.1 Priv Exec Mode Command Summary Command Description Ref. Negates a command or sets its defaults page 2-5 page Toggles the paging function page 4-39 ping Sends ICMP echo messages to a specified location page 4-40 Displays the current directory page 4-41 quit...
  • Page 218: Acknowledge

    Motorola RF Switch CLI Reference Guide 4.1.1 acknowledge  Priv Exec Command Acknowledges alarms Supported in the following platforms: • RFS7000 • RFS6000 • RFS4000 Syntax acknowledge alarm-log [<1-65535>|all] Parameters alarm-log [<1-65535>|all] Acknowledges alarms • <1-65535> – Acknowledges the specific alarm ID •...
  • Page 219: Archive

    Privileged Exec Commands 4.1.2 archive  Priv Exec Command Manages file archive operations Supported in the following platforms: • RFS7000 • RFS6000 • RFS4000 Syntax archive tar /table [<FILE>|<URL>] archive tar /create [<FILE>|<URL>] [<FILE>|<DIR>] archive tar /xtract [<FILE>|<URL>] <DIR> Parameters...
  • Page 220 Motorola RF Switch CLI Reference Guide flash/log/startup.log flash/log/radius/ RFSwitch#dir flash:/ How to view the output tar file? Directory of flash:/ drwx 1024 Thu Apr 17 08:25:50 2007 hotspot drwx Fri Apr 8 12:27:20 2007 drwx 1024 Thu Apr 7 16:23:34 2007...
  • Page 221 Privileged Exec Commands 4.1.3 cd  Priv Exec Command Changes the current directory Supported in the following platforms: • RFS7000 • RFS6000 • RFS4000 Syntax cd {<DIR>} Parameters <DIR> Changes current directory to DIR. This parameter is optional. When this parameter is not provided, the current directory name is displayed.
  • Page 222: Change-Passwd

    Motorola RF Switch CLI Reference Guide 4.1.4 change-passwd  Priv Exec Command Changes the password of a logged user Supported in the following platforms: • RFS7000 • RFS6000 • RFS4000 Syntax change-passwd Parameters None Usage Guidelines A password must be between 8 to 32 characters in length. For security, the console does not display user entered key words or the old password and new password fields.
  • Page 223: Clear

    Privileged Exec Commands 4.1.5 clear  Priv Exec Command Resets the current context Supported in the following platforms: • RFS7000 • RFS6000 • RFS4000 Syntax clear [aclstats|alarm-log|arp-cache|counters|crypto| dosstats|ip|logging|mac-address-table|mobility| spanning-tree] clear [aclstats|arp-cache|dosstats|logging] clear alarm-log [<1-65535>|acknowledge|all|new] clear counters [all|bridge|firewall|igmp-snooping|interface| router|thread] clear counters interface [<interface>|all|ge <1-8>|me1|sa <1-4>|up1|vlan <1-4094>]...
  • Page 224 4-10 Motorola RF Switch CLI Reference Guide clear spanning-tree detected-protocols {interface <interface-name>} Parameters aclstats Clears ACl statistics alarm-log [<1-65535>| Clears the alarm-log acknowledge|all|new] • <1-65535> – Clears the specific alarm ID • acknowledge – Clears acknowledged alarms • all – Clear all alarms •...
  • Page 225 Privileged Exec Commands 4-11 ip [dhcp| Clears Internet Protocol (IP) DHCP/NAT pmtu-discovery- • dhcp binding [*|<IP>|all]– DHCP server configuration blackhole-cache] • binding [*|<IP>|all]– DHCP address bindings • * – Clears all bindings • <IP> – Clears a specific IP binding •...
  • Page 226 4-12 Motorola RF Switch CLI Reference Guide mobility [event-log| Clears mobility attributes mobile-unit| • event-log [mobile-unit|peer]– Clears the event log peer-statistics] • mobile-unit – Clears MU event-logs for • peer – Clears peer event logs • mobile-unit [<MAC>|all|foreign-database home-database] – Clears MU information.
  • Page 227: Clock

    4-13 4.1.6 clock  Priv Exec Command Configures the software system clock Supported in the following platforms: • RFS7000 • RFS6000 • RFS4000 Syntax clock set HH:MM:SS <1-31> <MONTH> <1993-2035> Parameters HH:MM:SS Sets the time in hours, minutes, and seconds <1-31>...
  • Page 228: Cluster-Cli

    4-14 Motorola RF Switch CLI Reference Guide 4.1.7 cluster-cli  Priv Exec Command Use this command to access the cluster-cli context. The cluster-cli context provides centralized management to configure all members of cluster from one member. Any command executed under this context is executed on all switches in the cluster.
  • Page 229: Configure

    Privileged Exec Commands 4-15 4.1.8 configure  Priv Exec Command Enters the configuration mode Supported in the following platforms: • RFS7000 • RFS6000 • RFS4000 Syntax configure terminal Parameters terminal Enables configuration from the terminal Example RFSwitch#configure terminal Enter configuration commands, one per line. End with CNTL/Z.
  • Page 230: Copy

    4-16 Motorola RF Switch CLI Reference Guide 4.1.9 copy  Priv Exec Command Copies any file (config,log,txt ...etc) from any location to the switch and vice-versa NOTE: Copying a new config file onto an existing running-config file merges it with the existing running-config on the switch. Both, the existing running-config and the new config file are applied as the current running-config.
  • Page 231: Debug

    Privileged Exec Commands 4-17 4.1.10 debug  Priv Exec Command Use this command for debugging Supported in the following platforms: • RFS7000 • RFS6000 • RFS4000 Syntax debug [all|cc|ccstats|certmgr|dhcpsvr|imi|ip|logging|mgmt| mobility|mstp|nsm|radius|redundancy|rns|securitymgr|sole] debug all debug cc [access-port|all|alt|ap-containment|ap-detect| capwap|cluster|config|dot11|eap|ids|kerberos|l3-mob| loc-ap|loc-mu|media|mobile-unit|radio|radius|self-heal| smart|snmp|system|wips|wisp|wlan] {[debug|err|info|warn]} debug ccstats <statsmodule>...
  • Page 232 4-18 Motorola RF Switch CLI Reference Guide cc [access-port|all|alt| Cellcontroller (wireless) debugging message ap-containment| • access-port [debug|err|info|warn] – Debugs access port apetect|capwap|cluster| logs config|dot11|eap|ids| • debug ebugs all default messages – D kerberos|l3-mob|loc-ap| • err – Debugs error and higher severity messages loc-mu|media| •...
  • Page 233 Privileged Exec Commands 4-19 ccstats <stats-module> Cellcontroller statistics (wireless) debugging messages • stats-module [debug|error|info|warn] – Statistics Module to be debugged • debug – Debugs all default messages • err – Debugs error and higher severity messages • info – Debugs information and higher severity messages •...
  • Page 234 4-20 Motorola RF Switch CLI Reference Guide ip [https|ssh] Internet protocol debugging messages • https – Secure HTTP <HTTPS> Server • ssh – Secure Shell <SSH> Server logging Modify message logging facilities for debugging messages [all|errors|init|monitor| • all – All debugging subagent] •...
  • Page 235 Privileged Exec Commands 4-21 mstp Multiple Spanning Tree Protocol (MSTP) debugging [all|cli|packet|protocol| message timer] • all – all • cli – CLI commands • packet [rx|tx] – MSTP packets • rx – receive packet • tx – transmit packet • protocol detail – Protocol •...
  • Page 236 4-22 Motorola RF Switch CLI Reference Guide redundancy Redundancy protocol debugging messages [all|ccmsg|config|errors| • all – Debugging all general|heartbeats|init| • ccmsg – Msg exchange with CC packets|proc|shutdown| • config – Configuration processing states|subagent|timer| • errors – Errors warnings] • general – General •...
  • Page 237 Privileged Exec Commands 4-23 securitymgr Security manager debugging messages [acldebug|aclerror|all| • acldebug – Trace debug messages from ACL module debug|dosdebug| • aclerror – Trace error messages from ACL module doserror|error|ikedebug| • all – Trace all messages from Security Manager natdebug|naterror| •...
  • Page 238 4-24 Motorola RF Switch CLI Reference Guide sole [adapters|aeroscout| Location engine debugging messages algo|all|cclib|ekahau|erro • adapters – SOLE Adapter manager logs rs|info|init] • aeroscout – Aeroscout logs • algo – Location algorithm logs • all – All module logs • cclib – cc library logs •...
  • Page 239: Delete

    Privileged Exec Commands 4-25 4.1.11 delete  Priv Exec Command Deletes a specified file from the system Supported in the following platforms: • RFS7000 • RFS6000 • RFS4000 Syntax delete [/force <FILE>|/recursive <FILE>|<FILE>] Parameters /force Forces deletion without a prompt /recursive...
  • Page 240: Diff

    4-26 Motorola RF Switch CLI Reference Guide 4.1.12 diff  Priv Exec Command Displays the differences between 2 files Supported in the following platforms: • RFS7000 • RFS6000 • RFS4000 Syntax diff [<FILE>|<URL>] [<FILE>|<URL>] Parameters <FILE> The first <FILE> is the source file for the diff. The second <FILE>...
  • Page 241 Privileged Exec Commands 4-27 rad-user sumi policy wlan 2 policy vlan 44 policy wlan 10 group kumar3...
  • Page 242: Dir

    4-28 Motorola RF Switch CLI Reference Guide 4.1.13 dir  Priv Exec Command View the list of files on a filesystem Supported in the following platforms: • RFS7000 • RFS6000 • RFS4000 Syntax dir {[/all|/recursive] [<DIR>|all-filesystems]} Parameters /all Lists all files...
  • Page 243: Disable

    Privileged Exec Commands 4-29 4.1.14 disable  Priv Exec Command Turns off the privileged mode command Supported in the following platforms: • RFS7000 • RFS6000 • RFS4000 Syntax disable Parameters None Example RFSwitch#disable RFSwitch>...
  • Page 244: Edit

    4-30 Motorola RF Switch CLI Reference Guide 4.1.15 edit  Priv Exec Command Edits a text file Supported in the following platforms: • RFS7000 • RFS6000 • RFS4000 Syntax edit <FILE> Parameters <FILE> Name of the file to be modified...
  • Page 245: Enable

    Privileged Exec Commands 4-31 4.1.16 enable  Priv Exec Command Turns on the privileged mode command Supported in the following platforms: • RFS7000 • RFS6000 • RFS4000 Syntax enable Parameters None Example RFSwitch#enable RFSwitch#...
  • Page 246: Erase

    4-32 Motorola RF Switch CLI Reference Guide 4.1.17 erase  Priv Exec Command Erases a target filesystem Supported in the following platforms: • RFS7000 • RFS6000 • RFS4000 Syntax erase [nvram:|flash:|startup-config|usb1:|usb2:|cf:] Parameters nvram: Erases everything in nvram flash: Erases everything in flash...
  • Page 247: Halt

    Privileged Exec Commands 4-33 4.1.18 halt  Priv Exec Command Stops (halts) the switch Supported in the following platforms: • RFS7000 • RFS6000 • RFS4000 Syntax halt Parameters None Example RFSwitch#halt Wireless switch will be halted, do you want to continue?
  • Page 248: Kill

    4-34 Motorola RF Switch CLI Reference Guide 4.1.19 kill  Priv Exec Command Kills (terminates) a specified session and stops (halts) the switch Supported in the following platforms: • RFS7000 • RFS6000 • RFS4000 Syntax kill session <1-16> Parameters session...
  • Page 249: Logout

    Privileged Exec Commands 4-35 4.1.20 logout  Priv Exec Command Exits the EXEC mode and stops (halts) the switch Supported in the following platforms: • RFS7000 • RFS6000 • RFS4000 Syntax logout Parameters None Example RFSwitch#logout RFSwitch release 3.0.0.0-200B Login as 'cli' to access CLI.
  • Page 250: Mkdir

    4-36 Motorola RF Switch CLI Reference Guide 4.1.21 mkdir  Priv Exec Command Creates a new directory in the filesystem Supported in the following platforms: • RFS7000 • RFS6000 • RFS4000 Syntax mkdir <DIR> Parameters <DIR> Directory name Example RFSwitch#mkdir TestDIR...
  • Page 251: More

    Privileged Exec Commands 4-37 4.1.22 more  Priv Exec Command Displays the contents of a file Supported in the following platforms: • RFS7000 • RFS6000 • RFS4000 Syntax more <FILE> Parameters <FILE> Displays the contents of the file Example RFSwitch#more flash:/log/messages.log Sep 08 12:27:30 2006: %PM-5-PROCSTOP: Process "radiusd"...
  • Page 252 4-38 Motorola RF Switch CLI Reference Guide User 'admin' logged in with role of ' superuser' from auth source 'local' Sep 08 12:28:01 2006: %NSM-6-DHCPDEFRT: Default route with gateway 157.235.208.246 learnt via DHCP Sep 08 12:28:01 2006: %NSM-6-DHCPIP: Interface vlan1 acquired IP address 157.235.208.93/24 via DHCP...
  • Page 253: Page

     Priv Exec Command Toggles switch paging. Enabling this command displays the command output page by page instead of running the entire output at once. Supported in the following platforms: • RFS7000 • RFS6000 • RFS4000 Syntax page Parameters None...
  • Page 254: Ping

    4-40 Motorola RF Switch CLI Reference Guide 4.1.24 ping  Priv Exec Command Send (transmits) ICMP echo messages Supported in the following platforms: • RFS7000 • RFS6000 • RFS4000 Syntax ping {<IP>} Parameters <IP> Sets the ping destination address or hostname Example RFSwitch#ping 157.235.208.39...
  • Page 255: Pwd

    Privileged Exec Commands 4-41 4.1.25 pwd  Priv Exec Command View the contents of the current directory Supported in the following platforms: • RFS7000 • RFS6000 • RFS4000 Syntax Parameters None Example RFSwitch#pwd flash:/ RFSwitch#...
  • Page 256: Quit

    4-42 Motorola RF Switch CLI Reference Guide 4.1.26 quit  Priv Exec Command Exits the current mode and moves to the previous mode Supported in the following platforms: • RFS7000 • RFS6000 • RFS4000 Syntax quit Parameters None Example RFSwitch#quit RFSwitch release 4.0.0.0-XXXX...
  • Page 257: Reload

    Privileged Exec Commands 4-43 4.1.27 reload  Priv Exec Command Halts the switch and performs a warm reboot Supported in the following platforms: • RFS7000 • RFS6000 • RFS4000 Syntax reload Parameters None Example RFSwitch#reload...
  • Page 258: Rename

    4-44 Motorola RF Switch CLI Reference Guide 4.1.28 rename  Priv Exec Command Renames a file in the existing filesystem Supported in the following platforms: • RFS7000 • RFS6000 • RFS4000 Syntax rename <FILE> <FILE> Parameters <FILE> Specifies the file to rename. The first <FILE> is the old file name.
  • Page 259: Rmdir

    4-45 4.1.29 rmdir  Priv Exec Command Deletes an existing file from the file system Supported in the following platforms: • RFS7000 • RFS6000 • RFS4000 Syntax rmdir <DIR> Parameters <DIR> Defines the name of the directory to delete Example...
  • Page 260: Telnet

    4-46 Motorola RF Switch CLI Reference Guide 4.1.30 telnet  Priv Exec Command Opens a telnet session Supported in the following platforms: • RFS7000 • RFS6000 • RFS4000 Syntax telnet <IP> {<port>} Parameters telnet <IP> {<port>} Defines the IP address or hostname of a remote system •...
  • Page 261: Terminal

    4-47 4.1.31 terminal  Priv Exec Command Sets the length/number of lines displayed within the terminal window Supported in the following platforms: • RFS7000 • RFS6000 • RFS4000 Syntax terminal [length <0-512>|no [length <0-512>|width]| width <0-512>] Parameters length <0-512> Sets the number of lines on a screen •...
  • Page 262: Traceroute

    4-48 Motorola RF Switch CLI Reference Guide 4.1.32 traceroute  Priv Exec Command Traces a route to a destination Supported in the following platforms: • RFS7000 • RFS6000 • RFS4000 Syntax traceroute [[<IP>|<hostname>]|ip [<IP>|<hostname>]] Parameters [<IP>|<hostname>] Traces the route to a destination IP address or a hostname ip [<IP>|<hostname>]...
  • Page 263: Upgrade

    Privileged Exec Commands 4-49 4.1.33 upgrade  Priv Exec Command Upgrades the software image Supported in the following platforms: • RFS7000 • RFS6000 • RFS4000 Syntax upgrade <URL> {background} Parameters <URL> Location of the target firmware image used in upgrade background Optional.
  • Page 264 4-50 Motorola RF Switch CLI Reference Guide kernel/ISR 100.00%) Sep 08 15:58:44 2009: %PM-4-PROCNORESP: Process "logd" is not responding Jan 08 15:58:44 2009: %PM-4-PROCNORESP: Process "logd" is not responding Jan08 15:58:44 2009: %PM-4-PROCNORESP: Process "logd" is not responding Jan 08 15:58:44 2009: %PM-4-PROCNORESP: Process "logd"...
  • Page 265: Upgrade - Abort

    Privileged Exec Commands 4-51 4.1.34 upgrade - abort  Priv Exec Command Aborts an ongoing upgrade process Supported in the following platforms: • RFS7000 • RFS6000 • RFS4000 Syntax upgrade-abort Parameters None Example RFSwitch#upgrade-abort...
  • Page 266: Write

    4-52 Motorola RF Switch CLI Reference Guide 4.1.35 write  Priv Exec Command Writes the running configuration to memory or a terminal Supported in the following platforms: • RFS7000 • RFS6000 • RFS4000 Syntax write [memory|terminal] Parameters memory Writes to NV memory...
  • Page 267 Privileged Exec Commands 4-53 ip http secure-trustpoint local ip http secure-server ip ssh ip telnet snmp-server manager v2 snmp-server manager v3 crypto isakmp identity address crypto isakmp keepalive 10 crypto ipsec security-association lifetime kilobytes 4608000 !........
  • Page 268: Format

    4-54 Motorola RF Switch CLI Reference Guide 4.1.36 format  Priv Exec Command Formats file system Supported in the following platforms: • RFS7000 Syntax format cf: Parameters Formats compact flash Example RFSwitch#format cf:...
  • Page 269: Global Configuration Commands

    Global Configuration Commands The term global is used to indicate characteristics or features effecting the system as a whole. Use the Global Configuration Mode to configure the system globally, or enter specific configuration modes to configure specific elements (such as interfaces or protocols).
  • Page 270: Global Configuration Commands

    Motorola RF Switch CLI Reference Guide 5.1 Global Configuration Commands Table 5.1 summarizes the Global Config commands Table 5.1 Global Config Mode Command Summary Command Description Ref. Configures the current authentication, authorization page 5-5 and accounting (aaa) login settings access-list...
  • Page 271 Global Configuration Commands Table 5.1 Global Config Mode Command Summary Command Description Ref. license Sets license management commands page 5-58 line Configures a terminal line page 5-59 local Sets the username and password for local user page 5-60 authentication logging Modifies message logging facilities page 5-61 Configures MAC access-lists...
  • Page 272 Motorola RF Switch CLI Reference Guide Table 5.1 Global Config Mode Command Summary Command Description Ref. spanning-tree Configures spanning tree commands page 5-107 timezone Configures the timezone page 5-111 traffic-shape Configures traffic shaping page 5-112 username Establishes user name authentication...
  • Page 273: Aaa

    5.1.1 aaa  Global Configuration Commands Configures the current Authentication, Authorization and Accounting (AAA) login settings Supported in the following platforms: • RFS7000 • RFS6000 • RFS4000 Syntax aaa [authentication|nas|vpn-authentication] aaa authentication login default [local|none|radius] aaa nas <name> aaa vpn-authentication [primary|secondary] <IP> key [0 <secret>|2 <secret>|<secret>] {authport <1024-65535>}...
  • Page 274 Motorola RF Switch CLI Reference Guide vpn-authentication Sets the configuration for VPN authentication using [primary|secondary] RADIUS. [<IP> key [0 <secret>| • primary – Sets the configuration for the primary server. 2 <secret>|<secret>] • secondary – Sets the configuration for the secondary {authport <1024-65535>}...
  • Page 275: Access-List

    Extended ACLs, and the name can be any valid alphanumeric string (not exceeding 64 characters). With numbered ACLs, the rule parameters have to be specified on the same command line along with the ACL identifier. Supported in the following platforms: • RFS7000 • RFS6000 • RFS4000 Syntax access-list [<1-99>|<100-199>|<1300-1999>|<2000-2699>] For Standard IP ACLs: access-list [<1-99>|<1300-1999>] [deny|permit|mark]...
  • Page 276 Motorola RF Switch CLI Reference Guide For Extended IP ACLs: access-list [<100-199>|<2000-2699>] [deny|permit|mark] [icmp|ip|tcp|upd] access-list [<100-199>|<2000-2699>] [deny|permit|mark] icmp [<source-IP/Mask>|any|host <IP>] [<dest-IP/Mask>|any|host <IP>] {<ICMP-type> {<ICMP-code>}} {log} {rule-precedence <1- 5000>} access-list [<100-199>|<2000-2699>] [deny|permit|mark]ip [<source-IP/Mask>|any|host <IP>] [<dest-IP/Mask>|any|host <IP>] {log} {rule-precedence <1-5000>} access-list [<100-199>|<2000-2699>] [deny|permit|mark] [tcp|udp] [<source-IP/Mask>|any|host <IP>] {eq...
  • Page 277 Global Configuration Commands Parameters access-list Adds a standard access list entry. [<1-99>|<1300-1999>] • [<1-99>|<1300-1999>] – Defines access list number from [permit|deny] 1-99 or 1300-1999 [<IP/MASK>|any| • [deny|permit] – Defines action types on an ACL. host <IP>] {[rule- • [<IP/MASK>| host <IP>| any] – <IP/MASK> is the precedence <1-5000>...
  • Page 278 5-10 Motorola RF Switch CLI Reference Guide access-list [<1- Adds a standard access list entry. 99>|<1300-1999>] • [<1-99>|<1300-1999>] – Defines access list number from mark [8021p <0- 1-99 or 1300-1999 7>|dscp <0-63>|tos • mark – Marks a packet. The action type mark <0-255>] [<IP/...
  • Page 279 Global Configuration Commands 5-11 access-list Adds an Extended IP access list entry. [<100-199>|<2000- • (<100-199>|<2000-2699>) – For ICMP extended ACLs, the 2699>] [permit|deny] ACL must be between 2000-2699 [icmp|ip|tcp|udp] • [deny|permit] – Defines action types on an ACL. [<IP/MASK>|any| • [icmp|ip|tcp|udp] – The protocol type for the extended host <IP>] {[rule- ACL entry precedence <1-5000>...
  • Page 280 5-12 Motorola RF Switch CLI Reference Guide access-list Adds an Extended IP access list entry. [<100-199>|<2000- • (<100-199>|<2000-2699>) – For ICMP extended ACLs, the 2699>] mask [8021p ACL must be between 2000-2699 <0-7>|dscp <0-63>|tos • mark – Marks a packet. The action type mark <0-255>]...
  • Page 281 Global Configuration Commands 5-13 Use an access list command under the global configuration to create an access list. The switch supports port, router and WLAN ACLs • When the access list is applied on an Ethernet port, it becomes a port ACL •...
  • Page 282: Autoinstall

    5-14 Motorola RF Switch CLI Reference Guide 5.1.3 autoinstall  Global Configuration Commands Autoinstalls the switch image Supported in the following platforms: • RFS7000 • RFS6000 • RFS4000 Syntax autoinstall [clear-config-history|cluster-config|config| image|reset-config|start] autoinstall [clear-config-history|reset-config|start] autoinstall [cluster-config|config] {url <URL>} autoinstall image {[url <URL>|version <version>]}...
  • Page 283 Global Configuration Commands 5-15 config {url <URL>} Autoinstalls a config setup. • url – Optional. Sets the URL of the item • URL – Remote/external location of the file URLS: tftp://<hostname|IP>[:port]/path/file ftp://<user>:<passwd>@<hostname|IP>[:port]/ path/file http://<hostname|IP>[:port]/path/file cf:/path/file usb1:/path/file usb2:/path/file image {[url <URL>| Autoinstalls the image setup.
  • Page 284: Banner

    5-16 Motorola RF Switch CLI Reference Guide 5.1.4 banner  Global Configuration Commands Defines a login banner for the switch. Use to delete a previously configured {no} banner banner. Supported in the following platforms: • RFS7000 • RFS6000 • RFS4000 Syntax {no} banner motd [<message>|default]...
  • Page 285: Boot

     Global Configuration Commands Reboots the switch with an image in the mentioned partition (either the primary or secondary partition) Supported in the following platforms: • RFS7000 • RFS6000 • RFS4000 Syntax boot system [primary|secondary] Parameters system Specifies the boot image used after reboot [primary|secondary] •...
  • Page 286: Bridge

    • RFS4000 SWITCH NOTE: The interfaces mentioned below are supported in the following platforms: • ge <index> – RFS7000 and RFS4000 supports 4 GEs and RFS6000 supports 8 GEs • sa <1-4> – Supported on RFS7000, and sa <1-6> on RFS4000 •...
  • Page 287 • sa <1-4> – Static Aggregate interface index. Only supported on RFS7000 • me1 – Fast Ethernet interface • up1 – WAN interface. Only available on RFS6000 and RFS4000 • ageing-time [0|<10-1000000>] – The time duration a learned MAC address persists after the last update •...
  • Page 288 5-20 Motorola RF Switch CLI Reference Guide RFSwitch(config)# RFSwitch(config)#bridge 2 address 1a2b:3c4d:5e6f forward eth 1 vlan 2 RFSwitch(config)#...
  • Page 289: Country-Code

    5-21 5.1.7 country-code  Global Configuration Commands Sets the country of operation Supported in the following platforms: • RFS7000 • RFS6000 • RFS4000 Syntax {no} country-code <code> Parameters <code> A two (2) letter ISO-3166 country code. To view country codes, use the show wireless country-code-list command.
  • Page 290: Crypto

    5-22 Motorola RF Switch CLI Reference Guide 5.1.8 crypto  Global Configuration Commands Use crypto to define system level local ID for ISAKMP negotiation and to enter the ISAKMP Policy, ISAKMP Client or ISAKMP Peer command set. NOTE: moves to the crypto isakmp(policy)Priority instance.
  • Page 291 Global Configuration Commands 5-23 crypto isakmp [client|keepalive|key|peer|policy] crypto isakmp client configuration group default crypto isakmp keepalive <10-3600> crypto isakmp key [0 <secret>|2 <secret>|<secret>] [address <IP>|hostname <HOST>] crypto isakmp peer [address <IP>|dn <distinguished-name>| hostname <HOST>] crypto isakmp policy <1-10000> crypto key [export|generate|import|zeroize] crypto key export rsa <rsa-keypair>...
  • Page 292 5-24 Motorola RF Switch CLI Reference Guide Parameters ipsec (security- Configures IPSEC policies. association| transform- • security-association – Defines the security association set) parameter used to define its lifetime • lifetime (kilobyte | seconds) – The lifetime of IPSEC security association. It can be defined in either: kilobytes –...
  • Page 293 Global Configuration Commands 5-25 isakmp Configures the Internet Security Association and Key Management Protocol (ISAKMP) policy. [client|keepalive|key| • client configuration (group) (default) – Leads to the peer|policy] config-cryptogroup instance For more details see Crypto-group Instance on page 7-1. • keepalive <10-3600> – Sets a keepalive interval for use with remote peers.
  • Page 294 5-26 Motorola RF Switch CLI Reference Guide Authentication key management functions. [export|generate|import| • export rsa <name> URL [tftp|ftp] – Exports a keypair related configuration zeroize] • generate rsa <name> <1024-2048> – Generates a keypair • <1024-2048> – Size of keypair in bits •...
  • Page 295 Global Configuration Commands 5-27 pki [authenticate|enroll| Configures certificate parameters. The public key export|import|trustpoint] infrastructure is a protocol that creates encrypted public keys using digital certificates from certificate authorities. The PKI ensures each online party is who they claim to be. •...
  • Page 296 5-28 Motorola RF Switch CLI Reference Guide Usage Guidelines Follow the table to calculate how many character are required to add the key size for authentication and encryption. This is used while configuring Manual IPSEC only. For example, To create a key with authentication type as ESP-SHA and encryption type as AES-192, enter 20+16=36 characters.
  • Page 297 Global Configuration Commands 5-29 RFSwitch(config-crypto-map)#set session-key inbound esp 257 cipher 12345678901234567890123456789012345678901234 authenticator 12345678901234567890123456789012345678901234 RFSwitch(config-crypto-map)#set session-key outbound esp 258 cipher 12345678901234567890123456789012345678901234 authenticator 12345678901234567890123456789012345678901234 RFSwitch(config-crypto-map)#exit RFSwitch(config)#interface vlan11 RFSwitch(config-if)#crypto map manual RFSwitch(config-if)#show running-config ! configuration of RFS7000 version 1.2.0.0-024D version 1.1 aaa authentication login default none service prompt crash-info username "admin"...
  • Page 298 5-30 Motorola RF Switch CLI Reference Guide crypto isakmp key 0 12345678 address 21.1.1.1 ........................crypto ipsec transform-set tfset1 esp-3des esp-sha-hmac mode tunnel crypto ipsec transform-set tfset-manual esp-3des esp-sha- hmac mode tunnel crypto map MAP1 10 ipsec-isakmp set peer 11.1.1.1...
  • Page 299 Global Configuration Commands 5-31 set transform-set tfset-manual ........................interface vlan11 ip address 11.1.1.2/24 crypto map manual ........................RFSwitch(config-if)# Usage Guidelines A peer address can be deleted with a wrong isakmp value. Crypto currently matches only the IP address when a command is issued RFSwitch(config)#crypto isakmp key 12345678 address 4.4.4.4 RFSwitch(config)#show running-config...
  • Page 300: Use Case 1: Configuring Remote Vpn

    (trusted network) using IPSec VPN functionality. A Motorola client is associated to a WLAN (say wlan1) attached to vlan2 on the switch. vlan2 is on subnet 10.1.1.x and is running a DHCP server that assigns IP addresses for this subnet.
  • Page 301 Global Configuration Commands 5-33 In case the client is VPN enabled, it initiates a connection with the VPN server on our switch, the “conversation” that occurs between the peers consists of device authentication via Internet Key Exchange (IKE), followed by user authentication using IKE Extended Authentication (Xauth), push client relate configuration (using Mode Configuration), and IPsec security association (SA) creation.
  • Page 302 5-34 Motorola RF Switch CLI Reference Guide 4. Create and configure another VLAN interface named vlan3. RFSwitch(config)#interface vlan 3 RFSwitch(config-if)#ip address dhcp Use the commands below to configure IPSec VPN on the switch: 1. Create an Extended ACL. RFSwitch(config-ext-nacl)#ip access-list extended 101 2.
  • Page 303: Use Case 2: Configuring Site-To-Site Vpn

    Global Configuration Commands 5-35 5.1.8.2 Use Case 2: Configuring Site-to-Site VPN Intranets use unregistered addresses connected over the public internet by site-to-site VPN. In this scenario, NAT is required for the connections to the public internet. However NAT is not required for traffic between the two intranets, which can be transmitted using a VPN tunnel over the public Internet.
  • Page 304 5-36 Motorola RF Switch CLI Reference Guide RFSwitch(config-crypto-map)#set peer 15.1.1.20 RFSwitch(config-crypto-map)#match address 150 RFSwitch(config-crypto-map)#set transformset TFSET RFSwitch(config-crypto-map)#set security-association lifetime seconds 3600 f.Associate the crypto map with a VLAN interface. RFSwitch(config)#interface vlan1 RFSwitch(config-if)#ip address 11.1.1.10/24 RFSwitch(config-if)#crypto map THIRDMAP RFSwitch(config-if)#interface vlan2100 RFSwitch(config-if)#ip address 12.1.1.10/24 RFSwitch(config-if)#ip route 0.0.0.0/0 11.1.1.2...
  • Page 305 Global Configuration Commands 5-37 RFSwitch(config-crypto-map)#set transformset TFSET RFSwitch(config-crypto-map)#set security-association lifetime seconds 3600 f.Associate the crypto map with a VLAN interface. RFSwitch(config)#interface vlan1 RFSwitch(config-if)#ip address 15.1.1.20/24 RFSwitch(config-if)#crypto map THIRDMAP RFSwitch(config-if)#interface vlan2100 RFSwitch(config-if)#ip address 13.1.1.20/24 RFSwitch(config-if)#ip route 0.0.0.0/0 15.1.1.2...
  • Page 306 5-38 Motorola RF Switch CLI Reference Guide 5.1.9 do  Global Configuration Commands Runs commands from either the User Exec or Priv Exec mode Supported in the following platforms: • RFS7000 • RFS6000 • RFS4000 Syntax do <privilege mode commands>...
  • Page 307: End

    Global Configuration Commands 5-39 5.1.10 end  Global Configuration Commands Ends the current mode and changes to the EXEC mode Supported in the following platforms: • RFS7000 • RFS6000 • RFS4000 Syntax Parameters None. Example RFSwitch(config)#end RFSwitch#? Priv Exec commands:...
  • Page 308: Errdisable

    5-40 Motorola RF Switch CLI Reference Guide 5.1.11 errdisable  Global Configuration Commands Enables the timeout mechanism for the port to be enabled back after an error Supported in the following platforms: • RFS7000 • RFS6000 • RFS4000 Syntax errdisable recovery [cause bpduguard|interval <10-1000000>]...
  • Page 309: Ftp

    5-41 5.1.12 ftp  Global Configuration Commands Configures the switch as an FTP server Supported in the following platforms: • RFS7000 • RFS6000 • RFS4000 Syntax ftp [enable|password|rootdir|username] ftp password [0 <secret>|1 <secret>|<secret>] ftp rootdir <DIR> ftp username <LINE> Parameters...
  • Page 310 5-42 Motorola RF Switch CLI Reference Guide Usage Guidelines NOTE: The string size of encrypted password (option 1, Password is encrypted with SHA1 algorithm) must be exactly 40 characters. Example RFSwitch(config)#ftp enable RFSwitch(config)#...
  • Page 311: Hostname

    5-43 5.1.13 hostname  Global Configuration Commands Changes the system’s network name Supported in the following platforms: • RFS7000 • RFS6000 • RFS4000 Syntax hostname <host-name> Parameters <host-name> The name of the switch. This name is displayed when the switch is accessed from any network.
  • Page 312: Interface

    SWITCH NOTE: The interfaces mentioned below are supported in the following platforms: • ge <index> – RFS7000 supports 4 GE’s and RFS6000 supports 8 GE’s • sa <1-4> – Only supported with RFS7000 • me1 – Only supported with RFS7000 and RFS6000 •...
  • Page 313 Gigabit Ethernet interface (4 for RFS7000 and 8 for RFS6000) Fast Ethernet interface sa <1-4> Static Aggregate interface (in RFS7000 only) WAN interface (in RFS6000 only) vlan <1-4094> Defines the VLAN interface wwan( Supported on Defines Wireless WAN Interface RFS4000 and RFS6000)
  • Page 314 5-46 Motorola RF Switch CLI Reference Guide 5.1.15 ip  Global Configuration Commands Configures a selected Internet Protocol (IP) component Supported in the following platforms: • RFS7000 • RFS6000 • RFS4000 NOTE: Using moves you to the access-list extended instance. For more information, see...
  • Page 315 Global Configuration Commands 5-47 ip dhcp excluded-address <IP-range-low> {<IP-range-high>} ip dhcp option <option-name> <option-code> [ascii|ip] ip dhcp ping timeout <1-10> ip dhcp pool <pool-name> ip domain-name <domain-name> ip dos [ascend|bcast-mcast-icmp|chargen|enable|fraggle| ftp-bounce|invalid-protocol|option-route| router-solicit|router-advt| smurf|snork|tcp-intercept|tcp-max-incomplete|twinge] log [<0-8>|alerts|critical|debugging|emergencies|error| informational|none|notifications|warnings] ip http [secure-server|secure-trustpoint|server] ip http [secure-server|server] ip http secure-trustpoint <trustpoint-name>...
  • Page 316 5-48 Motorola RF Switch CLI Reference Guide ip nat inside destination static <IP> <port> [tcp|udp] <outside-global-IP> {<outside-port>} ip nat inside destination static <IP> {<outside-global-IP> <outside-port>} ip nat inside source list <acl-name> interface [<interface- name>|vlan <1-4094>] overload ip nat inside source static <local-IP> <outside-global-IP>...
  • Page 317 Global Configuration Commands 5-49 ip dhcp [bootp|class| DHCP server configuration excluded-address|option| • bootp ignore – Defines the BOOTP specific configuration. ping|pool] • ignore – Configures the DHCP server to ignore BOOTP requests • class <class-name> – Defines a DHCP class and enters the DHCP class configuration mode •...
  • Page 318 5-50 Motorola RF Switch CLI Reference Guide http [secure-server| Hyper Text Transfer Protocol (HTTP) configuration secure-trustpoint| • secure-server – Sets the device to start the Secure HTTP server] Server (HTTPS) • secure-trustpoint <trustpoint-name> – Sets the name of the trustpoint used for secure connection to <trustpoint- name>...
  • Page 319 Global Configuration Commands 5-51 nat [inside|outside] Defines Network Address Translation (NAT) configuration [destination|source] values. These following commands are possible for NAT • ip nat [inside|outside] destination static <IP> <port> [tcp|udp] <outside-global-IP> {<outside-port>} – Sets the parameters for translation for inside destination •...
  • Page 320 5-52 Motorola RF Switch CLI Reference Guide • ip nat [inside|outside] source static <outside-global-IP> <local-IP> – Sets the parameters for translation for inside sources • inside – Indicates inside address translation • outside – Indicates outside address translation • source – Indicates source address translation •...
  • Page 321 Global Configuration Commands 5-53 dos [ascend| Configures the Denial of Service (DOS) attack parameters. bcast-mcast-icmp| • ascend – Enables Ascend DoS checks chargen|enable|fraggle| • bcast-mcast-icmp – Detects Broadcast/Multicast Icmp ftp-bounce| traffic as attack invalid-protocol| • chargen – Enables chargen DoS checks option-route|router-advt| •...
  • Page 322 5-54 Motorola RF Switch CLI Reference Guide • tcp -max-incomplete – Configures the maximum half- open TCP connections in the system • high <1-1000> – Sets the upper threshold value between 1 and 1000 • low <1 - 1000> – Sets the lower threshold value...
  • Page 323 Global Configuration Commands 5-55 igmp snooping Configures IGMP Snooping parameters. {[querier|unknown- • unknown-multicast-fwd – Optional. Forwards packets multicast-fwd|vlan]} from unregistered multicast servers • querier {[address|max-response-time|query- interval|timer|version]}}– Configures IGMP querier. All options are optional • address <IP> – Sets GMP querier source IP address •...
  • Page 324 5-56 Motorola RF Switch CLI Reference Guide Usage Guidelines 1 1. Use the command along with ip to undo any IP based configuration. [no] ip(access-list|default-gateway|dos|dhcp|domain-lookup| domain-name|http|local|name-server|nat|route|routing|ssh|telnet) 2. When using the parameter, enter the following contexts: ip access-list • ext-nacl – Extended ACL. For more information, see Chapter 14, Extended ACL Instance •...
  • Page 325 Global Configuration Commands 5-57 5. The switch leads you to a new mode (config-dhcp-class). Use this mode to add an address range used with the DHCP class associated with the pool. RFSwitch(config-dhcp-class)#address range 11.22.33.44 Example RFSwitch(config)#ip access-list extended TestACL RFSwitch(config-ext-nacl)# RFSwitch(config)#ip access-list standard TestStdACL RFSwitch(config-std-nacl)# RFSwitch(config)#ip dhcp pool TestPool...
  • Page 326: License

    5-58 Motorola RF Switch CLI Reference Guide 5.1.16 license  Global Configuration Commands Adds a feature license Supported in the following platforms: • RFS7000 • RFS6000 • RFS4000 Syntax license <feature> <license-key> Parameters <feature> The feature for which the license is to be added <license-key>...
  • Page 327: Line

    Configures the terminal line Opens the config-line mode, where you can configure the various parameters for the selected terminal. Supported in the following platforms: • RFS7000 • RFS6000 • RFS4000 Syntax line [console|vty] line console <0-0> line vty <0-871> {<0-871>} Parameters line console <0-0>...
  • Page 328: Local

    5-60 Motorola RF Switch CLI Reference Guide 5.1.18 local  Global Configuration Commands Sets the username and password for local user authentication Supported in the following platforms: • RFS7000 • RFS6000 • RFS4000 Syntax local username <username> password [<password>|0 <password>| 2 <password>]...
  • Page 329: Logging

    Global Configuration Commands 5-61 5.1.19 logging  Global Configuration Commands Modifies message logging facilities Supported in the following platforms: • RFS7000 • RFS6000 • RFS4000 Syntax logging [aggregation-time|buffered|cli-commands|console| facility|host|monitor|on|snmp-set|syslog] logging aggregation-time <1-60> logging [buffered|console|monitor|syslog] [<0-7>|alerts| critical|debugging|emergencies|errors|informational| notifications|warnings] logging facility [local0|local1|local2|local3|local4|local5| local6|local7] logging host <IP>...
  • Page 330 5-62 Motorola RF Switch CLI Reference Guide buffered [<0-7>|alerts| Sets the buffered logging level critical|debugging| • <0-7> – Enter the logging severity level (0-7) emergencies|errors| • alerts – Immediate action needed, (severity=1) informational| • critical – Critical conditions, (severity=2) notifications|warnings] •...
  • Page 331 Global Configuration Commands 5-63 monitor [<0-7>|alerts| Sets the terminal lines logging level critical|debugging| emergencies|errors| informational| notifications|warnings] Enables the logging of system messages snmp-set enable Set logging for SNMP set requests • enable – Enable SNMP set logging syslog [<0-7>|alerts| Sets the syslog servers logging level critical|debugging| emergencies|errors| informational|...
  • Page 332: Mac

    5-64 Motorola RF Switch CLI Reference Guide 5.1.20 mac  Global Configuration Commands Configures MAC access lists (goes to the MAC ACL mode) For more information on this mode, see Chapter 16, Extended MAC ACL Instance. Supported in the following platforms: •...
  • Page 333: Mac-Address-Table

    5-65 5.1.21 mac-address-table  Global Configuration Commands Configures the MAC address table Supported in the following platforms: • RFS7000 • RFS6000 • RFS4000 Syntax mac-address-table aging-time [0|<10-1000000>] Parameters aging-time The duration for which a learned mac address persists after [0|<10-1000000>] the last update •...
  • Page 334: Mac-Name

    5-66 Motorola RF Switch CLI Reference Guide 5.1.22 mac-name  Global Configuration Commands Sets a name to the MAC address Supported in the following platforms: • RFS7000 • RFS6000 • RFS4000 Syntax mac-name <MAC> <mac-name> Parameters <MAC> <name> The MAC address to set a ease-of-use name for <mac-name>...
  • Page 335: Management

     Global Configuration Commands Sets management interface properties Limits local access (through web/telnet) to management interfaces only. Supported in the following platforms: • RFS7000 • RFS6000 • RFS4000 Syntax management secure Parameters secure Limits local access (Web/Telnet etc.) to the management...
  • Page 336: Ntp

    5-68 Motorola RF Switch CLI Reference Guide 5.1.24 ntp  Global Configuration Commands Configure Network Time Protocol (NTP) values Supported in the following platforms: • RFS7000 • RFS6000 • RFS4000 Syntax ntp [access-group|authenticate|authentication-key|autokey| broadcast|broadcastdelay|master|peer|server|trusted-key] ntp access-group [peer|query-only|serve|serve-only] [<1-99>|<100-199>|<1300-1999>|<2000-2699>] ntp authenticate ntp authentication-key <key>...
  • Page 337 Global Configuration Commands 5-69 Parameters access-group Controls NTP access. [peer|query-only|serve| • peer – Provides full access serve-only] [<1-99>| • query-only – Allows only control queries <100-199>|<1300-1999>| • serve – Provides server and query access <2000-2699>] • serve-only – Provides only server access •...
  • Page 338 5-70 Motorola RF Switch CLI Reference Guide broadcast Configures the NTP broadcast service. [client|destination] • client – Listens to NTP broadcasts • destination <IP> {[key <1-65534>|version <1-4>]}– Configures broadcast destination address • IP Address – Defines the destination broadcast IP address •...
  • Page 339 Global Configuration Commands 5-71 • prefer {version <1-4>} – Sets the preference for autokey. Optionally set the NTP version to use • version <1-4> {prefer} – Sets the NTP version to use. Optionally set this peer as preferred peer server Configures the NTP server.
  • Page 340 5-72 Motorola RF Switch CLI Reference Guide RFSwitch(config)#ntp peer TestPeer autokey ? prefer Prefer this peer when possible version Configure NTP version <cr> RFSwitch(config)#ntp peer TestPeer autokey prefer ? version Configure NTP version <cr> RFSwitch(config)#ntp peer TestPeer autokey prefer version ? <1-4>...
  • Page 341: Prompt

    5-73 5.1.25 prompt  Global Configuration Commands Configures and sets the systems prompt Supported in the following platforms: • RFS7000 • RFS6000 • RFS4000 Syntax prompt <prompt> Parameters <prompt> Enter the new prompt displayed by the system. The following operational modifiers are available.
  • Page 342: Radius-Server

    5-74 Motorola RF Switch CLI Reference Guide 5.1.26 radius-server  Global Configuration Commands Enters the RADIUS server mode, the system prompt changes from the default config mode to the RADIUS server mode Supported in the following platforms: • RFS7000 • RFS6000 •...
  • Page 343 Global Configuration Commands 5-75 retransmit <1-100> Specifies the number of retries to active server. • <0-100> – Number of retries for a transaction (default is 3) timeout <1-1000> Time to wait for a RADIUS server to reply. • <1-1000> – Wait time (default 5 seconds) Usage Guidelines The RADIUS server host is used to configure RADIUS server details.
  • Page 344: Ratelimit

    5-76 Motorola RF Switch CLI Reference Guide 5.1.27 ratelimit  Global Configuration Commands Configures rate limit parameters Supported in the following platforms: • RFS7000 • RFS6000 • RFS4000 Syntax ratelimit [arp|bcast|mcast|ucast] [<0-7>|alerts|critical| debugging|emergencies|errors|informational|notifications| warnings] Parameters ratelimit Sets the logging levels for ratelimit feature.
  • Page 345: Redundancy

    Global Configuration Commands 5-77 5.1.28 redundancy  Global Configuration Commands Configures redundancy group parameters Supported in the following platforms: • RFS7000 • RFS6000 • RFS4000 Syntax redundancy [auto-revert|auto-revert-period| critical-resource-ip|dhcp-server|discovery-period| dynamic-ap-load-balance|enable|group-id|handle-stp| heartbeat-period|hold-period|interface-ip|manual-revert| member-ip|mode] redundancy auto-revert enable redundancy auto-revert-period <1-1800> redundancy critical-resource-ip <IP>...
  • Page 346 5-78 Motorola RF Switch CLI Reference Guide Parameters auto-revert enable Enables auto-revert auto-revert-period Sets the redundancy auto-revert delay interval in <1-1800> minutes. The default is 5 minutes critical-resource-ip Sets critical resource IP address <ip_address> • <ip_address> – IP address of the critical resource...
  • Page 347 Global Configuration Commands 5-79 interface-ip <IP> Sets the redundancy interface IP address manual-revert Reverts standby to non-active mode member-ip <IP> Adds a member with the IP <IP> to this redundancy group mode [primary|standby] Sets the mode to either primary or standby Example RFSwitch(config)#redundancy discovery-period 20 RFSwitch(config)#...
  • Page 348: Role

    5-80 Motorola RF Switch CLI Reference Guide 5.1.29 role  Global Configuration Commands Configures role parameters Opens the role configuration mode to enable further configuration of the (confi-role) role. For more information, see Chapter 26, Role Instance. NOTE: Avance Security Licence must be installed for Role Based Firewall to work.
  • Page 349 Global Configuration Commands 5-81 RFSwitch(config-role)# ? RFSwitch(config)#role assignment immediate enable RFS7000(config)#show role role officeuser 10 authentication-type any encryption-type any ap-location exact "office" essid office mu-mac any group any role globaluser 11 authentication-type any encryption-type any ap-location any essid any mu-mac any group any role default-role 10001 authentication-type any...
  • Page 350: Rtls

    5-82 Motorola RF Switch CLI Reference Guide 5.1.30 rtls  Global Configuration Commands Configures Real Time Location System (RTLS) parameters This enables the Switch to provide complete visibility to the location of assets and thereby enabling location based service. Supported in the following platforms: •...
  • Page 351: Service

    Retrieves system data (tables, log files, configuration, status and operation) for debugging and problem resolution Supported in the following platforms: • RFS7000 • RFS6000 • RFS4000 To view the command of User Exec and Priv Exec Mode, refer to Chapter 2,...
  • Page 352 5-84 Motorola RF Switch CLI Reference Guide diag [enable|limit|period| Services diagnostics configuration. tech-support-period| • enable – Enable in service diagnostics tech-support-url] • limit – Displays diagnostic limit command • period <100-30000> – Sets diagnostics period • tech-support-period <10-10080> – Sets the tech support period.
  • Page 353 Global Configuration Commands 5-85 set [command- Sets service parameters. history|reboot- • command-history <10-300> – Sets the number of history|upgrade-history] previous commands to remember. Default 200 • reboot-history <10-100> – Sets the number of previous reboot details to remember. Default 50 •...
  • Page 354: Smtp-Notification

    5-86 Motorola RF Switch CLI Reference Guide 5.1.32 smtp-notification  Global Configuration Commands Modifies SMTP notification parameters Supported in the following platforms: • RFS7000 • RFS6000 • RFS4000 Syntax smtp-notification [authenticate|enable|password|port|prefix| recipient|sender|smtp-server-address|user] smtp-notification authentication enable smtp-notification enable {traps [all|dhcp-server| diagnostics|miscellaneous|mobility|nsm|radius-server|...
  • Page 355 Global Configuration Commands 5-87 smtp-notification enable traps wireless ap-detection {[externalAPDetected|externalAPRemoved]} smtp-notification enable traps wireless ids {[muExcessiveEvents|radioExcessiveEvents| switchExcessiveEvents]} smtp-notification enable traps wireless radio {[adopted|unadopted|detectedRadar]} smtp-notification enable traps wireless self-healing activated smtp-notification enable traps wireless station {[associated|deniedAssociationAsPortCapacityReached| deniedAssociationOnCapability|deniedAssociationOnErr| deniedAssociationOnInvalidWPAWPA2IE| deniedAssociationOnRates|deniedAssociationOnShortPream| deniedAssociationOnSpectrum|deniedAssociationOnSSID| deniedAuthentication|disassociated|radiusAuthFailed| tkipCounterMeasures|vlanChanged]} smtp-notification enable traps wireless wlan {[vlanUserLimitReached|webPortalUnavailable|...
  • Page 356 5-88 Motorola RF Switch CLI Reference Guide Parameters authenticate enable Enables SMTP Server authentication enable traps [all| Enables SMTP notification for traps dhcp-server|diagnostics| • all – Enables SMTP Notification for all traps miscellaneous|mobility| • dhcp-server [dhcpServerDown|dhcpServerUp]– Enables nsm|radius-server| dhcp-server traps redundancy|snmp •...
  • Page 357 Global Configuration Commands 5-89 • miscellaneous [caCertExpired|lowFsSpace|periodicHeartbeat| processMaxRestartsReached|savedConfigModified| serverCertExpired|switchEvent] – Enables miscellaneous traps • caCertExpired – CA certificate has expired • lowFsSpace – Available file system space is lower than the limit • periodicHeartbeat – Periodic Heartbeat • processMaxRestartsReached – Process has reached max restart.
  • Page 358 5-90 Motorola RF Switch CLI Reference Guide • nsm [dhcpIPChanged] – Enables nsm traps and changes the DHCP IP • radius-server [radiusServerDown|radiusServerUp] – Enables radius-server traps • radiusServerDown – Radius Server is down • radiusServerUp – Radius Server is up •...
  • Page 359 Global Configuration Commands 5-91 • wireless [ap-detection|ids|radio|self-healing|station| wlan] – Enables wireless traps • ap-detection [externalAPDetected| externalAPRemoved] – Enables wireless AP detection traps • externalAPDetected – Detects an external AP • externalAPRemoved – Removes an external AP • id [muExcessiveEvents|radioExcessiveEvents| switchExcessiveEvents] – Enables wireless IDS traps •...
  • Page 360 5-92 Motorola RF Switch CLI Reference Guide • associated – Wireless station associated • deniedAssociationAsPortCapacity Reached – Wireless station denied association due to port capacity reached • deniedAssociationOnCapability – Wireless station denied association due to unsupported capability • deniedAssociationOnErr – Wireless station denied association due to internal error •...
  • Page 361 Global Configuration Commands 5-93 • wlan [vlanUserLimitReached|webPortalUnavailable| webPortalUnconnected||webPortalUnreachable] – Enables wireless wlan traps when: • vlanUserLimitReached – WLAN-VLAN user limit is reached • webPortalUnavailable – Web portal unavailable • webPortalUnconnected – Web portal disconnected • webPortalUnreachable – Web portal unreachable password 0 <password>...
  • Page 362: Snmp-Server

    5-94 Motorola RF Switch CLI Reference Guide 5.1.33 snmp-server  Global Configuration Commands Modifies SNMP engine parameters Supported in the following platforms: • RFS7000 • RFS6000 • RFS4000 Syntax snmp-server [community|contact|enable|engine-id|host| location|manager|periodic-heartbeat-interval|sysname|user] snmp-server community <community-string> [ro|rw] snmp-server contact <contact-person> snmp-server enable traps {[all|dhcp-server|diagnostics|...
  • Page 363 Global Configuration Commands 5-95 snmp-server enable traps wireless ids {[muExcessiveEvents|radioExcessiveEvents| switchExcessiveEvents]} snmp-server enable traps wireless radio {[adopted|unadopted|detectedRadar]} snmp-server enable traps wireless self-healing activated snmp-server enable traps wireless station {[associated|deniedAssociationAsPortCapacityReached| deniedAssociationOnCapability|deniedAssociationOnErr| deniedAssociationOnInvalidWPAWPA2IE| deniedAssociationOnRates|deniedAssociationOnShortPream| deniedAssociationOnSpectrum|deniedAssociationOnSSID| deniedAuthentication|disassociated|radiusAuthFailed| tkipCounterMeasures|vlanChanged]} snmp-server enable traps wireless wlan {[vlanUserLimitReached|webPortalUnavailable| webPortalUnreachable|webPortalUnconnected]} snmp-server enable traps wireless-statistics [mesh|...
  • Page 364 5-96 Motorola RF Switch CLI Reference Guide pktsps-greater-than|tput-greater-than| undecrypt-percent-greater-than] snmp-server engineid [netsnmp {<word>}|text <word>] snmp-server host <IP> [v2c|v3] {<1-65535>} snmp-server location <location-text> snmp-server manager [all|v2|v3] snmp-server periodic-heartbeat-interval <interval> snmp-server sysname snmp-server user [snmpmanager|snmpoperator|snmptrap] Parameters community Sets the community string and access privileges.
  • Page 365 Global Configuration Commands 5-97 enable traps dhcp-server Enables dhcp-server traps. {[dhcpServerDown| • dhcpServerDown – DHCP server down dhcpServerUp]} • dhcpServerUp – DHCP server up enable traps diagnostics Enables diagnostics traps. {[cpuLoad1Min| • cpuLoad15Min cpuLoad5Min| • cpuLoad1Min cpuLoad15Min| • cpuLoad5Min fanSpeedLow| •...
  • Page 366 5-98 Motorola RF Switch CLI Reference Guide enable traps mobility Enable mobility traps {[operationallyDown| • operationallyDown – Mobility down operationallyUp| • operationallyUp – Mobility up peerDown|peerUp]} • peerDown – Mobility peer down • peerUp – Mobility peer up enable traps nsm...
  • Page 367 Global Configuration Commands 5-99 enable traps wireless Enables wireless traps {[ap-detection|ids| • ap-detection {[externalAPDetected| radio|self-healing| externalAPRemoved]} – Enables wireless AP station|wlan]} detection traps • externalAPDetected – External AP detected • externalAPRemoved – External AP detected • ids {[muExcessiveEvents| radioExcessiveEvents|switchExcessiveEvents]} – Enables wireless IDS traps •...
  • Page 368 5-100 Motorola RF Switch CLI Reference Guide deniedAssociationOnSpectrum| deniedAssociationOnSSID|deniedAuthent ication| disassociated|radiusAuthFailed| tkipCounterMeasures|vlanChanged]} – Enables wireless station traps • associated– Wireless station associated • deniedAssociationAsPortCapacityReached – Wireless station denied association - port capacity reached • deniedAssociationOnCapability – Wireless station denied association due to unsupported capability •...
  • Page 369 Global Configuration Commands 5-101 • tkipCounterMeasures – TKIP counter measures invoked • vlanChanged – Wireless station VLAN ID has changed • wlan {[vlanUserLimitReached|webPortal Unavailable|webPortalUnreachable|webPortal Unconnected]}– Enables wireless wlan traps • vlanUserLimitReached – WALN/VLAN user limit reached • webPortalUnavailable – Webportal is unavailable •...
  • Page 370 5-102 Motorola RF Switch CLI Reference Guide snmp-server enable traps Modifies wireless-stats rate traps wireless-statistics [mesh| • mesh [avg-bit-speed-less-than| min-packets|mobile-unit| avg-retry-greater-than|avg-signal-less-than| radio|wireless-switch|wlan] gave-up-percent-greater-than| nu-percent-greater-than| num-mobile-units-greater-than| pktsps-greater-than|tput-greater-than| undecrypt-percent-greater-than] – Modifies mesh rate traps • avg-bit-speed-less-than – Average bit speed in Mbps between <0.00> and <54.00>...
  • Page 371 Global Configuration Commands 5-103 • tput-greater-than – Throughput in Mbps is greater than 0.00 and less than or equal to 100000.00 • undecrypt-percent-greater-than – Percentage of undecryptable pkts is greater than 0.00 and less than or equal to 100.00 • min-packets <1-65535> – Minimum packets required for sending the trap •...
  • Page 372 5-104 Motorola RF Switch CLI Reference Guide • pktsps-greater-than – Packets per sec is greater than 0.00 and less than or equal to 100000.00 • tput-greater-than – Throughput in Mbps is greater than 0.00 and less than or equal to 100000.00...
  • Page 373 Global Configuration Commands 5-105 user [snmpmanager| Defines a user who can access the SNMP engine. snmpoperator|snmptrap] • snmpmanager v3– Manager user • v3 [auth|encrypted] – User using v3 security model • auth md5 <password> – Sets authentication parameters for the user •...
  • Page 374 5-106 Motorola RF Switch CLI Reference Guide RFSwitch(config)#snmp-server enable traps wireless detection externalAPDetected RFSwitch(config)# RFSwitch(config)#snmp-server enable traps wireless excessiveProbes RFSwitch(config)# RFSwitch(config)#snmp-server enable traps wireless radio adopted RFSwitch(config)# RFSwitch(config)#snmp-server enable traps wireless self- healing activated RFSwitch(config)# RFSwitch(config)#snmp-server enable traps wireless station...
  • Page 375: Spanning-Tree

    Global Configuration Commands 5-107 5.1.34 spanning-tree  Global Configuration Commands Configures spanning-tree commands Supported in the following platforms: • RFS7000 • RFS6000 • RFS4000 Syntax spanning-tree [mst|portfast] spanning-tree mst [<0-15> priority <0-61440>| cisco-interoperability [enable|disable]|configuration| forward-time <4-30>|hello-time <1-10>|max-age <6-40>| max-hops <7-127>]...
  • Page 376 5-108 Motorola RF Switch CLI Reference Guide Parameters mst [<0-15> priority Enables the Multiple Spanning Tree Protocol on a bridge <0-61440>| • <0-15> priority <0-61440> – Set the bridge priority for an cisco-interoperability MST instance to the value specified. Use the no...
  • Page 377 Global Configuration Commands 5-109 • max-age <6-40> – Max-age is the maximum time in seconds for which (if a bridge is the root bridge) a message is considered valid. This prevents the frames from looping indefinitely. The value of max-age must be greater than twice the value of hello time plus one, but less than twice the value of forward delay minus one The permissible range for max-age is 6-40 seconds.
  • Page 378 5-110 Motorola RF Switch CLI Reference Guide portfast Enables the portfast feature on a bridge. It has the [bpdufilter|bpduguard] following options: default • bpdufilter default – Use the command to bpdu-filter set the portfast BPDU filter for the port. Use the parameter with this command to revert the port BPDU filter value to default.
  • Page 379: Timezone

    5-111 5.1.35 timezone  Global Configuration Commands Configures switch timezone settings Supported in the following platforms: • RFS7000 • RFS6000 • RFS4000 Syntax timezone <timezone> Parameters <timezone> Press <tab> to traverse a list of files. This displays a list of files containing timezone information.
  • Page 380: Traffic-Shape

    5-112 Motorola RF Switch CLI Reference Guide 5.1.36 traffic-shape  Global Configuration Commands Optimizes network traffic Supported in the following platforms: • RFS7000 SWITCH NOTE: This command is not supported with: • RFS6000 • RFS4000 Syntax traffic-shape [class|priority-map] traffic-shape class <class-identifier> [max-buffers| max-latency|rate] traffic-shape class <class-identifier>...
  • Page 381 Global Configuration Commands 5-113 Parameters class <class-identifier> Traffic shaping packet class. Select an identifier between max-buffers ... red-level 1-4. Traffic shaping also uses queues numbered 0-7 • max-buffers – Maximum traffic-shape queue length in class <class-identifier> packets max-buffers ... red- •...
  • Page 382 5-114 Motorola RF Switch CLI Reference Guide RFSSwitch(config)#show traffic-shape config Traffic shaping class 1 Rate: 10 Mbps Prio-| max | | max rity | pkts | pkts pcnt | latency 0 | 1000 | 75% | - 1 | 1000 |...
  • Page 383: Username

    5-115 5.1.37 username  Global Configuration Commands Establishes user name authentication Supported in the following platforms: • RFS7000 • RFS6000 • RFS4000 Syntax username <name> [access|password|privilege] username <name> access [console|ssh|telnet|web] username <name> password [0 <password>|1 <password>| <password>] username <name> privilege [helpdesk|monitor|nwadmin|...
  • Page 384: Encrypting A Password

    5-116 Motorola RF Switch CLI Reference Guide • privilege [helpdesk|monitor|nwadmin|superuser| sysadmin|webadmin] – Sets user access privilege • helpdesk – Helpdesk (troubleshooting) access • monitor – Monitor (read-only) access • nwadmin – Network (wired & wireless) admin access • superuser – Superuser (root) access •...
  • Page 385 Global Configuration Commands 5-117 username admin password 1 8e67bb26b358e2ed20fe552ed6fb832f397a507d username admin privilege superuser username operator password 1 fe96dd39756ac41b74283a9292652d366d73931f username Jiri password 1 399f01e13e372ba2dc02f37d869021873e60aa85 3. The password in the above running configuration is displayed in an encrypted format even though it was entered as plain text in Step 1.
  • Page 386: Vpn

    5-118 Motorola RF Switch CLI Reference Guide 5.1.38 vpn  Global Configuration Commands Configures VPN authentication settings Supported in the following platforms: • RFS7000 • RFS6000 • RFS4000 Syntax vpn authentication-method [local|radius] Parameters authentication-method Selects the authentication scheme. [local|radius] • local – Used for user based authentication •...
  • Page 387: Wireless

    This command moves you to the instance. For more information, see config-wireless Chapter 20, Wireless Instance. Supported in the following platforms: • RFS7000 • RFS6000 • RFS4000 Syntax wireless Parameters None Usage Guidelines The wireless command is used to enter the config-wireless instance wherein you can configure wireless parameters.
  • Page 388: Wlan-Acl

    5-120 Motorola RF Switch CLI Reference Guide 5.1.40 wlan-acl  Global Configuration Commands Applies an ACL on a WLAN index Supported in the following platforms: • RFS7000 • RFS6000 • RFS4000 Syntax wlan-acl <1-256> [<1-99>|<100-199>|<1300-1999>| <2000-2699>|<acl-name>] [in|out] Parameters WLAN index number <1-256>...
  • Page 389 Global Configuration Commands 5-121 When a packet goes out of a access port, it becomes outbound traffic to the wireless LAN index. Apply an ACL to a WLAN index in outbound direction to filter traffic from both wired and wireless interfaces. can be attached both in the inbound and outbound directions.
  • Page 390 5-122 Motorola RF Switch CLI Reference Guide ip access-list standard stdacl3 deny host 30.0.0.14 rule-precedence 54 no access-list stdacl wlan-acl 5 stdacl1 in wlan-acl 6 stdacl2 in The stdacl must be detached from the interface to which it was associated and stdacl3 must be attached to that interface.
  • Page 391: Network-Element-Id

    Global Configuration Commands 5-123 5.1.41 network-element-id  Global Configuration Commands Use this command to set system’s network-element-ID Supported in the following platforms: • RFS7000 • RFS6000 • RFS4000 Syntax network-element-id <element-id> Parameters <element-id> Specifies system’s network element ID Example RFSwitch(config)#network-element-id test...
  • Page 392: Firewall

    5-124 Motorola RF Switch CLI Reference Guide 5.1.42 firewall  Global Configuration Commands Use this command to set system’s network-element-ID Supported in the following platforms: • RFS7000 • RFS6000 • RFS4000 Syntax firewall [802.2-encapsulation|dhcp-snoop-conflict- detection|dhcp-snoop-conflict-logging|clamp|enable|flow| virtual-defrag|vlan-stacking] firewall enable firewall 802.2-encapsulation permit...
  • Page 393 Global Configuration Commands 5-125 clamp [path-mtu| Configures wireless firewall tcp-mss] • clamp [path-mtu|tcp-mss] – Displays clamp value • path-mtu – Displays limit discovered path-mtu • tcp-mss – Displays limit TCP to inner path-mtu dhcp-snoop-conflict- Displays IP Address, MAC Address conflict detection detection disable based on dip-snoop-table •...
  • Page 394 1st fragment to a value between 8 and 1500 vlan-stacking permit Configures 802.1q VLAN stacking. • permit – Permits 802.1q VLAN stacking that can bypass the firewall. Motorola does not recommend the use of this option Example RFSwitch(config)#firewall clamp RFSwitch(config)#...
  • Page 395: Virtual-Ip

    5-127 5.1.43 virtual-ip  Global Configuration Commands Displays virtual-ip configuration of the switch Supported in the following platforms: • RFS7000 • RFS6000 • RFS4000 Syntax virtual-ip [<A.B.C.D/M>|advt-timeout <1-5>|enable| garp-timeout <30-600>|learning-timeout <2-5>|priority|vmac] virtual-ip <A.B.C.D/M> vlan <1-4096> virual-ip priority [<1-256>|auto] virual-ip vmac <AA-BB-CC-DD-EE-FF>...
  • Page 396 5-128 Motorola RF Switch CLI Reference Guide vmac Virtual MAC to be used by the master <AA-BB-CC-DD-EE-FF> • <AA-BB-CC-DD-EE-FF> – Allowed VMACs: from 00:15:70:88:8a:90 to 00:15:70:88:8b:8f Example RFS7K-1(config)#virtual-ip 192.168.11.10/24 vlan 11 RFS7K-1(config)# RFS7K-1(config)#show virtual-ip config VIP Status : Disabled Cluster Redundancy Status...
  • Page 397: Wwan

    Global Configuration Commands 5-129 5.1.44 wwan  Global Configuration Commands Configures wirless wan finterface Supported in RFS6000 platform only Syntax wwan [apn<STRING>|disable|enable|password<STRING> |username<STRING>] Parameters apn <STRING> Enter the access point name provided by the service provider. • <STRING> – A string of up to 25 characters...
  • Page 398: Aap-Wlan-Acl

    5-130 Motorola RF Switch CLI Reference Guide 5.1.45 aap-wlan-acl  Global Configuration Commands Applies an acl on wlan for aap Supported in the following platforms: • RFS7000 • RFS6000 • RFS4000 Syntax aap-wlan-acl <1-256> [<100-199>|<WORD>]{in/out} For RFS6000, aap-wlan-acl <1-32>[<100-199>|<WORD>]{in/out} Parameters aap-wlan-acl <1-256>...
  • Page 399: Arp

    Global Configuration Commands 5-131 5.1.46 arp  Global Configuration Commands Configures Address Resolution Protocol Supported in RFS4000 platform only Syntax arp [<WORD>|ge <1-5>|sa <1-6>|up1|vlan <1-4094| wwan]{<AB.C.D> <AA-BB-CC-DD-EE-FF>} Parameters arp [<WORD>|ge <1-5>|sa Configures address resolution protocol. <1-6>|up1|vlan <1-4094| • <WORD> – Configures interface name wwan] {<AB.C.D>...
  • Page 400: Power

    5-132 Motorola RF Switch CLI Reference Guide 5.1.47 power  Global Configuration Commands Configures PoE commands Supported in the following platforms: • RFS6000 • RFS4000 Syntax power trap-percent <0-100> Parameters power trap-percent Configures PoE commands <0-100> • trap-percent <0-100> – Configures PoE traps •...
  • Page 401 Global Configuration Commands 5-133...
  • Page 402 5-134 Motorola RF Switch CLI Reference Guide...
  • Page 403: Chapter 6. Crypto-Isakmp Instance

    Crypto-isakmp Instance The (config-crypto-isakmp) instance is used to configure ISAKMP policies. To enter this instance, use this command: RFSwitch(config)#crypto isakmp policy <1-10000> RFSwitch(config-crypto-isakmp)# 6.1 Crypto ISAKMP Config Commands Table 6.1 summarizes commands crypto-isakmp Table 6.1 Crypto ISAKMP Command Summary Command Description Ref.
  • Page 404 Motorola RF Switch CLI Reference Guide Table 6.1 Crypto ISAKMP Command Summary Command Description Ref. lifetime Sets the lifetime for the ISAKMP security association page 6-11 Negates a command or sets its defaults page 6-12 service Defines the switch’s service commands...
  • Page 405: Authentication

    Crypto-isakmp Instance 6.1.1 authentication  Crypto ISAKMP Config Commands Authenticates rsa-sig and pre-share keys Supported in the following platforms: • RFS7000 • RFS6000 • RFS4000 Syntax authentication [pre-share|rsa-sig] Parameters pre-share pre shared key rsa-sig rsa signature Example RFSwitch(config-crypto-isakmp)#authentication pre-share RFSwitch(config-crypto-isakmp)#...
  • Page 406: Clrscr

    Motorola RF Switch CLI Reference Guide 6.1.2 clrscr  Crypto ISAKMP Config Commands Clears the display screen Supported in the following platforms: • RFS7000 • RFS6000 • RFS4000 Syntax clrscr Parameters None. Example RFSwitch(config-crypto-isakmp)#clrscr RFSwitch(config-crypto-isakmp)#...
  • Page 407: Encryption

     Crypto ISAKMP Config Commands Configures the encryption level of the data transmitted using the crypto-isakmp command Supported in the following platforms: • RFS7000 • RFS6000 • RFS4000 Syntax encryption [3des|aes|aes-192|aes-256|des] Parameters 3des Triple data encryption standard Advanced data encryption standard...
  • Page 408: End

    Motorola RF Switch CLI Reference Guide 6.1.4 end  Crypto ISAKMP Config Commands Ends and exits the current mode and changes to the PRIV EXEC mode. The prompt changes RFSwitch# Supported in the following platforms: • RFS7000 • RFS6000 • RFS4000...
  • Page 409: Exit

    6.1.5 exit  Crypto ISAKMP Config Commands Ends the current mode and moves to the previous mode (GLOBAL-CONFIG). The prompt changes to RFSwitch(config)# Supported in the following platforms: • RFS7000 • RFS6000 • RFS4000 Syntax exit Parameters None. Example RFSwitch(config-crypto-isakmp)#exit...
  • Page 410: Group

    Motorola RF Switch CLI Reference Guide 6.1.6 group  Crypto ISAKMP Config Commands Specifies the Diffie-Hellman group (1 or 2) used by the IKE policy to generate keys (which is then used to create an IPSec SA) Supported in the following platforms: •...
  • Page 411: Hash

    6.1.7 hash  Crypto ISAKMP Config Commands Specifies the hash algorithm used to authenticate data transmitted over the IKE SA Supported in the following platforms: • RFS7000 • RFS6000 • RFS4000 Syntax hash [md5|sha] Parameters Choose the MD5 hash algorithm...
  • Page 412: Help

    6-10 Motorola RF Switch CLI Reference Guide 6.1.8 help  Crypto ISAKMP Config Commands Displays the system’s interactive help system Supported in the following platforms: • RFS7000 • RFS6000 • RFS4000 Syntax help Parameters None Example RFSwitch(config-crypto-isakmp)#help CLI provides advanced help feature.
  • Page 413: Lifetime

    6-11 6.1.9 lifetime  Crypto ISAKMP Config Commands Specifies how long an IKE SA is valid before it expires • RFS7000 • RFS6000 • RFS4000 Syntax lifetime <seconds> Parameters <seconds> Specifies how many seconds an IKE SA lasts before it expires.
  • Page 414 6-12 Motorola RF Switch CLI Reference Guide 6.1.10 no  Crypto ISAKMP Config Commands Negates a command or sets its defaults Supported in the following platforms: • RFS7000 • RFS6000 • RFS4000 Syntax no [authentication|encryption|group|hash|lifetime] Parameters None. Example RFSwitch(config-crypto-isakmp)#no lifetime...
  • Page 415: Service

     Crypto ISAKMP Config Commands Invokes service commands to troubleshoot or debug the (config-crypto-isakmp) instance configurations. Supported in the following platforms: • RFS7000 • RFS6000 • RFS4000 Syntax service show cli Parameters Displays the CLI tree of current mode Example...
  • Page 416 6-14 Motorola RF Switch CLI Reference Guide +-1 [group (1|2|5)] +-2 [group (1|2|5)] +-5 [group (1|2|5)] +-hash +-md5 [hash (sha|md5)] ....RFSwitch(config-crypto-isakmp)#...
  • Page 417: Show

    Supported in the following platforms: • RFS7000 • RFS6000 • RFS4000 SWITCH NOTE: The following commands display only for RFS6000 and RFS4000: • power The following commands display only for RFS7000 : • port-channel • static-channel-group NOTE: For more details, see...
  • Page 418 6-16 Motorola RF Switch CLI Reference Guide banner Display Message of the Day Login banner boot Display boot configuration. clock Display system clock commands Show command lists crypto encryption module debugging Debugging information outputs dhcp DHCP Server Configuration environment show environmental information...
  • Page 419 Crypto-isakmp Instance 6-17 terminal Display terminal configuration parameters timezone Display timezone traffic-shape Display traffic shaping upgrade-status Display last image upgrade status users Display information about currently logged in users version Display software & hardware version wireless Wireless configuration commands virtual-ip IP Redundancy Feature wlan-acl wlan based acl...
  • Page 420 6-18 Motorola RF Switch CLI Reference Guide...
  • Page 421: Chapter 7. Crypto-Group Instance

    Crypto-group Instance The ( instance configures the default group properties of the config-crypto-group) ISAKMP client. To navigate to this instance, use the command: RFSwitch(config)#crypto isakmp client configuration group default RFSwitch(config-crypto-group)# 7.1 Crypto Group Config Commands Table 7.1 summarizes the switch commands config-crypto-group Table 7.1 Crypto Group Command Summary...
  • Page 422 Motorola RF Switch CLI Reference Guide Table 7.1 Crypto Group Command Summary Command Description Ref. show Shows running system information page 7-9 wins Defines a Windows Name Server (WINS) page 7-12...
  • Page 423: Clrscr

    Crypto-group Instance 7.1.1 clrscr  Crypto Group Config Commands Clears the display screen Supported in the following platforms: • RFS7000 • RFS6000 • RFS4000 Syntax clrscr Parameters None Example RFSwitch(config-crypto-group)#clr RFSwitch(config-crypto-group)#...
  • Page 424: Dns

    Motorola RF Switch CLI Reference Guide 7.1.2 dns  Crypto Group Config Commands Specifies the DNS server address(es) to assign to a client Supported in the following platforms: • RFS7000 • RFS6000 • RFS4000 Syntax dns <IP> <IP > The first DNS server address to assign Example RFSwitch(config-crypto-group)#dns-server 172.1.17.1...
  • Page 425: End

    7.1.3 end  Crypto Group Config Commands Ends and exits the current mode and changes to the PRIV EXEC mode. The prompt changes RFSwitch# Supported in the following platforms: • RFS7000 • RFS6000 • RFS4000 Syntax Parameters None Example RFSwitch(config-crypto-group)#end...
  • Page 426: Exit

    Motorola RF Switch CLI Reference Guide 7.1.4 exit  Crypto Group Config Commands Ends the current mode and moves to the previous mode (GLOBAL-CONFIG). The prompt changes to RFSwitch(config)# Supported in the following platforms: • RFS7000 • RFS6000 • RFS4000...
  • Page 427: Help

    Crypto-group Instance 7.1.5 help  Crypto Group Config Commands Displays the system’s interactive help system Supported in the following platforms: • RFS7000 • RFS6000 • RFS4000 Syntax help Parameters None Example RFSwitch(config-crypto-group)#help CLI provides advanced help feature. When you need help, anytime at the command line please press '?'.
  • Page 428: Service

    Motorola RF Switch CLI Reference Guide 7.1.6 service  Crypto Group Config Commands Invokes service commands used troubleshoot or debug (config-crypto-isakmp) instance configurations Supported in the following platforms: • RFS7000 • RFS6000 • RFS4000 Syntax service show cli Parameters Displays the CLI tree of current mode...
  • Page 429: Show

    Supported in the following platforms: • RFS7000 • RFS6000 • RFS4000 SWITCH NOTE: The following commands display only for RFS6000 and RFS4000: • power The following commands display only for RFS7000 : • port-channel • static-channel-group NOTE: For more details on the show command see...
  • Page 430 7-10 Motorola RF Switch CLI Reference Guide banner Display Message of the Day Login banner boot Display boot configuration. clock Display system clock commands Show command lists crypto encryption module debugging Debugging information outputs dhcp DHCP Server Configuration environment show environmental information...
  • Page 431 Crypto-group Instance 7-11 terminal Display terminal configuration parameters timezone Display timezone traffic-shape Display traffic shaping upgrade-status Display last image upgrade status users Display information about currently logged in users version Display software & hardware version virtual-ip IP Redundancy Feature wireless Wireless configuration commands wlan-acl wlan based acl...
  • Page 432: Wins

    7-12 Motorola RF Switch CLI Reference Guide 7.1.8 wins  Crypto Group Config Commands Specifies the Windows Internet Naming Service (WINS) servers to assign to a client Supported in the following platforms: • RFS7000 • RFS6000 • RFS4000 Syntax wins <IP>...
  • Page 433: Chapter 8. Crypto-Peer Instance

    Crypto-peer Instance instance to configure ISAKMP peers. To enter this (config-crypto-peer) instance, use the command: RFSwitch(config)#crypto isakmp peer [address|dn|hostname] RFSwitch(config-crypto-peer)# 8.1 Crypto Peer Config Commands Table 8.1 summarizes the commands config-crypto-peer Table 8.1 Crypto Peer Command Summary Command Description Ref. clrscr Clears the display screen page 8-3...
  • Page 434 Motorola RF Switch CLI Reference Guide Table 8.1 Crypto Peer Command Summary (Continued) Command Description Ref. show Displays running system page 8-...
  • Page 435: Clrscr

    Crypto-peer Instance 8.1.1 clrscr  Crypto Peer Config Commands Clears the display screen Supported in the following platforms: • RFS7000 • RFS6000 • RFS4000 Syntax clrscr Parameters None Example RFSwitch(config-crypto-peer)#clrscr RFSwitch(config-crypto-peer)
  • Page 436: End

    Motorola RF Switch CLI Reference Guide 8.1.2 end  Crypto Peer Config Commands Ends and exits the current mode and moves to the PRIV EXEC mode. The prompt changes RFSwitch# Supported in the following platforms: • RFS7000 • RFS6000 • RFS4000...
  • Page 437: Exit

    8.1.3 exit  Crypto Peer Config Commands Ends the current mode and moves to the previous mode (GLOBAL-CONFIG). The prompt changes to RFSwitch(config)# Supported in the following platforms: • RFS7000 • RFS6000 • RFS4000 Syntax exit Parameters None Example RFSwitch(config-crypto-peer)#exit...
  • Page 438: Help

    Motorola RF Switch CLI Reference Guide 8.1.4 help  Crypto Peer Config Commands Accesses the system’s interactive help system Supported in the following platforms: • RFS7000 • RFS6000 • RFS4000 Syntax help Parameters None Example RFSwitch(config-crypto-peer)#help CLI provides advanced help feature.
  • Page 439 Crypto-peer Instance 8.1.5 no  Crypto Peer Config Commands Negates a command or sets it’s defaults Supported in the following platforms: • RFS7000 • RFS6000 • RFS4000 Syntax no set aggressive-mode password Parameters command for parameters details Example RFSwitch(config-crypto-peer)#no set aggrerssive-mode...
  • Page 440: Service

    Motorola RF Switch CLI Reference Guide 8.1.6 service  Crypto Peer Config Commands Invokes service commands to troubleshoot or debug the (config-crypto-peer) instance configuration Supported in the following platforms: • RFS7000 • RFS6000 • RFS4000 Syntax service show cli Parameters...
  • Page 441 Crypto-peer Instance 8.1.7 set  Crypto Peer Config Commands Configures the aggressive-mode of config-crypto-peer • RFS7000 • RFS6000 • RFS4000 set aggerssive-mode password [0 <password>|2 <password>| <password>] Parameters aggressive-mode Defines aggressive mode attributes password [0 • password – Specifies a tunnel-password attribute <password>|2...
  • Page 442: Show

    8-10 Motorola RF Switch CLI Reference Guide 8.1.8 show  Crypto Peer Config Commands Displays current system information running on the switch Supported in the following platforms: • RFS7000 • RFS6000 • RFS4000 SWITCH NOTE: The following commands display only for RFS6000 and RFS4000: •...
  • Page 443 Crypto-peer Instance 8-11 banner Display Message of the Day Login banner boot Display boot configuration. clock Display system clock commands Show command lists crypto encryption module debugging Debugging information outputs dhcp DHCP Server Configuration environment show environmental information file Display filesystem information firewall Wireless firewall Display FTP Server configuration...
  • Page 444 8-12 Motorola RF Switch CLI Reference Guide terminal Display terminal configuration parameters timezone Display timezone upgrade-status Display last image upgrade status users Display information about currently logged in users version Display software & hardware version virtual-ip IP Redundancy Feature wireless...
  • Page 445: Chapter 9. Crypto-Ipsec Instance

    Crypto-ipsec Instance Use the instance to define the transform configuration for (config-crypto-ipsec) securing data (esp-3des, esp-sha-hmac etc.). To navigate to this instance, use the command RFSwitch(config)#crypto ipsec transform-set <transform-set-name> <encryption-type> <auth-type> RFSwitch(config-crypto-ipsec)# The transform set is assigned to a crypto map using the map’s transform-set command. For more details, see crypto-map transform set page...
  • Page 446 Motorola RF Switch CLI Reference Guide Table 9.1 Crypto IPsec Command Summary (Continued) Command Description Ref. Negates a command or set its defaults page 9-7 service Invokes service commands to troubleshoot or debug page 9-11 instance configurations (config-crypto-isakmp)
  • Page 447: End

    9.1.1 end  Crypto IPSec Config Commands Ends and exits the current mode and moves to the PRIV EXEC mode. The prompt changes RFSwitch# Supported in the following platforms: • RFS7000 • RFS6000 • RFS4000 Syntax Parameters None Example RFSwitch(config-crypto-ipsec)#end...
  • Page 448: Exit

    Motorola RF Switch CLI Reference Guide 9.1.2 exit  Crypto IPSec Config Commands Ends the current mode and moves to the previous mode (GLOBAL-CONFIG). The prompt changes to RFSwitch(config)# Supported in the following platforms: • RFS7000 • RFS6000 • RFS4000...
  • Page 449: Help

    Crypto-ipsec Instance 9.1.3 help  Crypto IPSec Config Commands Accesses the system’s interactive help system Supported in the following platforms: • RFS7000 • RFS6000 • RFS4000 Syntax help Parameters None Example RFSwitch(config-crypto-peer)#help CLI provides advanced help feature. When you need help, anytime at the command line please press '?'.
  • Page 450: Mode

    Motorola RF Switch CLI Reference Guide 9.1.4 mode  Crypto IPSec Config Commands Configures the IPSec mode of operation Supported in the following platforms: • RFS7000 • RFS6000 • RFS4000 Syntax mode [transport|tunnel] Parameters transport Transport mode tunnel Tunnel mode...
  • Page 451 Crypto-ipsec Instance 9.1.5 no  Crypto IPSec Config Commands Negates a command or sets it’s defaults Supported in the following platforms: • RFS7000 • RFS6000 • RFS4000 Syntax no mode Parameters mode Sets default to tunnel mode. Example RFSwitch(config-crypto-ipsec)#no mode...
  • Page 452: Show

    Motorola RF Switch CLI Reference Guide 9.1.6 show  Crypto IPSec Config Commands Use this command to view current system information running on the switch Supported in the following platforms: • RFS7000 • RFS6000 • RFS4000 SWITCH NOTE: The following commands display only for RFS6000 and RFS4000: •...
  • Page 453 Crypto-ipsec Instance debugging Debugging information outputs dhcp DHCP Server Configuration environment show environmental information file Display filesystem information firewall Wireless firewall Display FTP Server configuration history Display the session command history interfaces Interface status Internet Protocol (IP) ldap LDAP server licenses Show any installed licenses logging...
  • Page 454 9-10 Motorola RF Switch CLI Reference Guide users Display information about currently logged in users version Display software & hardware version virtual-ip IP Redundancy Feature wireless Wireless configuration commands wlan-acl wlan based acl wwan Wireless wan interface RFSwitch(config-crypto-ipsec)#show...
  • Page 455: Service

     Crypto IPSec Config Commands Invokes service commands to troubleshoot or debug the (config-crypto-peer) instance configuration Supported in the following platforms: • RFS7000 • RFS6000 • RFS4000 Syntax service show cli Parameters Displays the CLI tree of current mode Example...
  • Page 456 9-12 Motorola RF Switch CLI Reference Guide...
  • Page 457: Chapter 10. Crypto-Map Instance

    Crypto-map Instance The ( commands define a Certificate Authority (CA) trustpoint. config-crypto-map) This is a separate instance, but belongs to the mode under the crypto pki trustpoint instance. config To navigate to this instance, use the command: RFSwitch(config)#crypto map <map-name> <sequence> [ipsec-isakmp|ipsec-manual] {dynamic} RFSwitch(config-crypto-map)# 10.1 Crypto Map Config Commands...
  • Page 458 10-2 Motorola RF Switch CLI Reference Guide Table 10.1 Crypto Map Command Summary (Continued) Command Description Ref. service Invokes service commands to troubleshoot or debug the page 10-10 instance configurations Sets values for encryption/decryption parameters page 10-12 show Displays the running system information...
  • Page 459: Clrscr

    Crypto-map Instance 10-3 10.1.1 clrscr  Crypto Map Config Commands Clears the display screen Supported in the following platforms: • RFS7000 • RFS6000 • RFS4000 Syntax clrscr Parameters None Example RFSwitch(config-crypto-map)#clrscr RFSwitch(config-crypto-map)#...
  • Page 460: End

    10-4 Motorola RF Switch CLI Reference Guide 10.1.2 end  Crypto Map Config Commands Ends and exits the current mode and moves to the to PRIV EXEC mode. The prompt changes RFSwitch# Supported in the following platforms: • RFS7000 • RFS6000 •...
  • Page 461: Exit

    10.1.3 exit  Crypto Map Config Commands Ends the current mode and moves to the previous mode (GLOBAL-CONFIG). The prompt changes to RFSwitch(config)# Supported in the following platforms: • RFS7000 • RFS6000 • RFS4000 Syntax exit Parameters None Example RFSwitch(config-crypto-map)#exit...
  • Page 462: Help

    10-6 Motorola RF Switch CLI Reference Guide 10.1.4 help  Crypto Map Config Commands Displays the system’s interactive help system Supported in the following platforms: • RFS7000 • RFS6000 • RFS4000 Syntax help Parameters None Example RFSwitch(config-crypto-map)#help CLI provides advanced help feature.
  • Page 463: Match

    (or if the packet fails any of the security checks), it is discarded. If all checks pass, the packet is forwarded normally. Supported in the following platforms: • RFS7000 • RFS6000 • RFS4000 Syntax match address <acl-id> Parameters...
  • Page 464 10-8 Motorola RF Switch CLI Reference Guide Usage Guidelines Crypto map entries do not directly contain the selectors used to determine which data to secure. Instead, the crypto map entry refers to an access control list. An access control list (ACL) is assigned to the crypto map using the match address command.
  • Page 465 10-9 10.1.6 no  Crypto Map Config Commands Negates a command or sets its defaults Supported in the following platforms: • RFS7000 • RFS6000 • RFS4000 Syntax no [match|set] Parameters Use the commands configured under this instance. Example RFSwitch(config-crypto-map)#no match address <WORD>...
  • Page 466: Service

    10-10 Motorola RF Switch CLI Reference Guide 10.1.7 service  Crypto Map Config Commands Invokes service commands to troubleshoot or debug the (config-crypto-peer) instance configuration Supported in the following platforms: • RFS7000 • RFS6000 • RFS4000 Syntax service show cli...
  • Page 467 Crypto-map Instance 10-11 +-remote-type [no set remote-type] +-security-association +-level +-perhost [no set security-association level perhost] +-lifetime [no set security-association lifetime] +-session-key +-inbound +-ah [no set session-key ( inbound | outbound ) ah] +-esp [no set session-key ( inbound | outbound ) esp] ............
  • Page 468: Set

    10-12 Motorola RF Switch CLI Reference Guide 10.1.8 set  Crypto Map Config Commands Configures set parameters for the peer device Supported in the following platforms: • RFS7000 • RFS6000 • RFS4000 Syntax set [localid|mode|peer|pfs|remote-type {ipsec-l2tp|xauth}| security-association|session-key|transform-set) set localid [dn|hostname]<name>...
  • Page 469 Crypto-map Instance 10-13 mode [aggressive|main] Sets the mode of the tunnels for this Crypto Map • aggressive – Initiates aggressive mode • main – Initiates main mode peer Sets the IP address of the peer device. This can be set for [ipaddress| multiple remote peers.
  • Page 470 10-14 Motorola RF Switch CLI Reference Guide security-association Defines the lifetime (in kilobytes and/or seconds) of the [level perhost|lifetime IPSec SAs created by this crypto map {kilobyte|seconds}] • level perhost – Specifies the security association granularity level for identities • lifetime [kilobyte|seconds] – Security an association...
  • Page 471 Crypto-map Instance 10-15 RFSwitch(config-crypto-map)#set pfs If left at the default setting, no perfect forward secrecy (PFS) is used during IPSec SA key generation. If PFS is specified, the specified Diffie-Hellman Group exchange is used for the initial (and all subsequent) key generations. This means no data linkage between prior keys and future keys.
  • Page 472: Show

    10-16 Motorola RF Switch CLI Reference Guide 10.1.9 show  Crypto Map Config Commands Displays current system information running on the switch Supported in the following platforms: • RFS7000 • RFS6000 • RFS4000 SWITCH NOTE: The following commands display only for RFS6000 and RFS4000: •...
  • Page 473 Crypto-map Instance 10-17 dhcp DHCP Server Configuration environment show environmental information file Display filesystem information firewall Wireless firewall Display FTP Server configuration history Display the session command history interfaces Interface status Internet Protocol (IP) ldap LDAP server licenses Show any installed licenses logging Show logging configuration and buffer...
  • Page 474 10-18 Motorola RF Switch CLI Reference Guide version Display software & hardware version virtual-ip IP Redundancy Feature wireless Wireless configuration commands wlan-acl wlan based acl wwan Wireless wan interface RFSwitch(config-crypto-map)#show...
  • Page 475: Chapter 11. Crypto-Trustpoint Instance

    Crypto-trustpoint Instance commands define a Certificate Authority (CA) (config-crypto-trustpoint) trustpoint. This is a separate instance, but belongs to the crypto pki trustpoint mode under the instance. config To navigate to this instance, use the command RFSwitch(config)#crypto pki trustpoint <trustpoint-name> RFSwitch(config-trustpoint)# 11.1 Trustpoint (PKI) Config Commands Table 11.1 summarizes...
  • Page 476 11-2 Motorola RF Switch CLI Reference Guide Table 11.1 Trustpoint (PKI) Config Command Summary Command Description Ref. ip-address Sets an IP address for the trustpoint page 11-10 Negates a command or sets its defaults page 11-11 password Sets the challenge password (applicable only for...
  • Page 477: Clrscr

    Crypto-trustpoint Instance 11-3 11.1.1 clrscr  Trustpoint (PKI) Config Commands Clears the display screen Supported in the following platforms: • RFS7000 • RFS6000 • RFS4000 Syntax clrscr Parameters None Example RFSwitch(config-trustpoint)#clrscr RFSwitch(config-trustpoint)#...
  • Page 478: Company-Name

    11-4 Motorola RF Switch CLI Reference Guide 11.1.2 company-name  Trustpoint (PKI) Config Commands Sets the company name (Applicable only for request) Supported in the following platforms: • RFS7000 • RFS6000 • RFS4000 Syntax company-name <company-name> Parameters <company-name> Company name (2 to 64 characters)
  • Page 479: Email

    11.1.3 email  Trustpoint (PKI) Config Commands Sets the e-mail ID for the trustpoint Supported in the following platforms: • RFS7000 • RFS6000 • RFS4000 Syntax email <email> Parameters <email> Sets email address (2 to 64 characters) for the trustpoint Example RFSwitch(config-trustpoint)#email abcTestemailID@symbol.com...
  • Page 480: End

    11-6 Motorola RF Switch CLI Reference Guide 11.1.4 end  Trustpoint (PKI) Config Commands Ends and exits the current mode and moves to the PRIV EXEC mode. The prompt changes RFSwitch# Supported in the following platforms: • RFS7000 • RFS6000 •...
  • Page 481: Exit

    11.1.5 exit  Trustpoint (PKI) Config Commands Ends the current mode and moves to previous the mode (GLOBAL-CONFIG). The prompt changes to RFSwitch(config)# Supported in the following platforms: • RFS7000 • RFS6000 • RFS4000 Syntax exit Parameters None Example RFSwitch(config-trustpoint)#exit...
  • Page 482: Fqdn

    11-8 Motorola RF Switch CLI Reference Guide 11.1.6 fqdn  Trustpoint (PKI) Config Commands Configures the domain name of the trustpoint (FQDN stands for Fully Qualified Domain Name) Supported in the following platforms: • RFS7000 • RFS6000 • RFS4000 Syntax fqdn <domain-name>...
  • Page 483: Help

    Crypto-trustpoint Instance 11-9 11.1.7 help  Trustpoint (PKI) Config Commands Displays the systems interactive help system Supported in the following platforms: • RFS7000 • RFS6000 • RFS4000 Syntax help Parameters None Example RFSwitch(config-trustpoint)#help CLI provides advanced help feature. When you need help, anytime at the command line please press '?'.
  • Page 484: Ip-Address

    11-10 Motorola RF Switch CLI Reference Guide 11.1.8 ip-address  Trustpoint (PKI) Config Commands Sets an IP address for the trustpoint Supported in the following platforms: • RFS7000 • RFS6000 • RFS4000 Syntax ip-address <IP> Parameters <IP> Enter the IP address for the trustpoint Example RFSwitch(config-trustpoint)#ip-address 157.200.200.02...
  • Page 485 Crypto-trustpoint Instance 11-11 11.1.9 no  Trustpoint (PKI) Config Commands Negates a command or sets its defaults Supported in the following platforms: • RFS7000 • RFS6000 • RFS4000 Syntax no [company-name|email|fqdn|ip-address|subject-name] Parameters None. Example RFSwitch(config-trustpoint)#no ip-address RFSwitch(config-trustpoint)#...
  • Page 486: Password

    11-12 Motorola RF Switch CLI Reference Guide 11.1.10 password  Trustpoint (PKI) Config Commands Sets the challenge password (applicable only for requests) to access the trustpoint Syntax password [0<password>|2<password>|<password>] Parameters 0 <password> Password <password> is specified as unencrypted, the password should be between 4 to 20 characters 2 <password>...
  • Page 487: Rsakeypair

    Crypto-trustpoint Instance 11-13 11.1.11 rsakeypair  Trustpoint (PKI) Config Commands Configures a RSA Keypair to associate with the trustpoint Supported in the following platforms: • RFS7000 • RFS6000 • RFS4000 Syntax rsakeypair <keypair-name> Parameters <keypair-name> RSA Keypair Identifier Usage Guidelines The RSA key pair configures the switch to have Rivest, Shamir, and Adelman (RSA) key pairs.
  • Page 488: Service

    11-14 Motorola RF Switch CLI Reference Guide 11.1.12 service  Trustpoint (PKI) Config Commands Invokes service commands to troubleshoot or debug the crypto pki trustpoint instance configuration Supported in the following platforms: • RFS7000 • RFS6000 • RFS4000 Syntax service show cli...
  • Page 489 Crypto-trustpoint Instance 11-15 ....................................RFSwitch(config-trustpoint)#...
  • Page 490: Show

    11-16 Motorola RF Switch CLI Reference Guide 11.1.13 show  Trustpoint (PKI) Config Commands Displays current system information running on the switch Supported in the following platforms: • RFS7000 • RFS6000 • RFS4000 SWITCH NOTE: The following commands display only for RFS6000 and RFS4000: •...
  • Page 491 Crypto-trustpoint Instance 11-17 debugging Debugging information outputs dhcp DHCP Server Configuration environment show environmental information file Display filesystem information firewall Wireless firewall Display FTP Server configuration history Display the session command history interfaces Interface status Internet Protocol (IP) ldap LDAP server licenses Show any installed licenses logging...
  • Page 492 11-18 Motorola RF Switch CLI Reference Guide users Display information about currently logged in users version Display software & hardware version virtual-ip IP Redundancy Feature wireless Wireless configuration commands wlan-acl wlan based acl wwan Wireless wan interface RFSwitch(config-crypto-map)#show...
  • Page 493: Subject-Name

    Creates a subject name to configure a trustpoint (the subject name is a collection of required parameters to configure a trustpoint) Supported in the following platforms: • RFS7000 • RFS6000 • RFS4000 Syntax subject-name <name> <country> <state> <city> <org> <org-unit>...
  • Page 494 11-20 Motorola RF Switch CLI Reference Guide WORD Organization( 2 to 64 characters ) RFSwitch(config-trustpoint)#subject-name TestPool US OH PB SYMBOL ? WORD Organization Unit( 2 to 64 characters ) RFSwitch(config-trustpoint)#subject-name TestPool US OH PB SYMBOL WID ? <cr> RFSwitch(config-trustpoint)#subject-name TestPool US OH PB...
  • Page 495: Chapter 12. Interface Instance

    Interface Instance Use the instance to configure the interfaces – Ethernet, VLAN and tunnel (config-if) associated with the switch. To switch to this mode, use the command: For RFSwitch7000: RFSwitch(config)#interface [<interface-name>|ge <1-4>|me1| sa <1-4>|vlan <1-4094>] RFSwitch(config-if)# For RFSwitch6000: RFSwitch(config)#interface [<interface-name>|ge <1-8>|me1| up1|vlan <1-4094>] RFSwitch(config-if)# For RFSwitch4000:...
  • Page 496 12-2 Motorola RF Switch CLI Reference Guide Table 12.1 Interface Config Command Summary (Continued) Command Description Ref. crypto Defines the encryption module page 12-5 description Creates an interface specific description page 12-6 duplex Sets the duplex mode used by the interface...
  • Page 497 Interface Instance 12-3 Table 12.1 Interface Config Command Summary (Continued) Command Description Ref. speed Specifies the speed of a fast-ethernet (10/100) or a page 12-32 gigabit ethernet port (10/100/1000) static- Configures static channel commands page 12-33 channel- group storm-control Sets broadcast rate-limit value page 12-36 switchport Sets switching mode characteristics...
  • Page 498: Clrscr

    12-4 Motorola RF Switch CLI Reference Guide 12.1.1 clrscr  Interface Config Commands Clears the display screen Supported in the following platforms: • RFS7000 • RFS6000 • RFS4000 Syntax clrscr Parameters None Example RFSwitch(config-if)#clrscr RFSwitch(config-if)#...
  • Page 499: Crypto

    12-5 12.1.2 crypto  Interface Config Commands Sets the encryption module to use for this interface Supported in the following platforms: • RFS7000 • RFS6000 • RFS4000 Syntax crypto map <map-tag> Parameters map <map-tag> Assigns a Crypto Map • <map-tag> – Crypto Map tag Usage Guidelines At any given instance you can add one crypto mapset to an single interface.
  • Page 500: Description

    12-6 Motorola RF Switch CLI Reference Guide 12.1.3 description  Interface Config Commands Creates an interface specific description Supported in the following platforms: • RFS7000 • RFS6000 • RFS4000 Syntax description <description> Parameters <description> Defines the characters describing this interface Example RFSwitch(config-if)#description "interface for RetailKing"...
  • Page 501: Duplex

    (config-if) interface mode • The duplex cannot be set until the speed is set to a non-auto value Supported in the following platforms: • RFS7000 • RFS6000 • RFS4000 Syntax duplex [auto|full|half] Parameters auto Sets the ports duplexity automatically. The port...
  • Page 502: End

    12-8 Motorola RF Switch CLI Reference Guide 12.1.5 end  Interface Config Commands Ends and exits the current mode and moves to the PRIV EXEC mode. The prompt changes RFSwitch# Supported in the following platforms: • RFS7000 • RFS6000 • RFS4000...
  • Page 503: Exit

    12.1.6 exit  Interface Config Commands Ends the current mode and moves to the previous mode (GLOBAL-CONFIG). The prompt changes to RFSwitch(config)# Supported in the following platforms: • RFS7000 • RFS6000 • RFS4000 Syntax exit Parameters None Example RFSwitch(config-if)#exit RFSwitch(config)#...
  • Page 504: Help

    12-10 Motorola RF Switch CLI Reference Guide 12.1.7 help  Interface Config Commands Displays the system’s interactive help Supported in the following platforms: • RFS7000 • RFS6000 • RFS4000 Syntax help Parameters None Example RFSwitch(config-if)#help CLI provides advanced help feature.
  • Page 505 12.1.8 ip  Interface Config Commands Sets the IP address for the assigned Fast Ethernet interface (ME), and VLAN Interface Supported in the following platforms: • RFS7000 • RFS6000 • RFS4000 Syntax ip [access-group|address|arp|dhcp|helper-address|nat] ip access-group [<1-99>|<100-199>|<1300-1999>| <2000-2699>|WORD in] ip arp [rate-limit|trust] ip dhcp trust ip address [<IP/Mask>...
  • Page 506 12-12 Motorola RF Switch CLI Reference Guide ip address [ <IP Mask> Sets a static IP address and network mask for a Layer 3 {secondary}|dhcp] SVI (Switch Virtual Interface) • <IP/ Mask> {secondary} – Sets the IP address (10.0.0.1/8) • secondary – Defines an optional secondary IP address •...
  • Page 507: Creating Helper Address Using Dhcp Server

    Interface Instance 12-13 Example RFSwitch(config-if)#ip access-group 110 in RFSwitch(config-if)# RFSwitch(config-if)#ip address 192.168.234.1/24 RFSwitch(config-if)# 12.1.8.1 Creating Helper Address using DHCP Server Follow the steps below to create a helper address on VLAN 2000 for using a DHCP server on VLAN 1000: RFSwitch(config)#interface vlan 1000 RFSwitch(config-if)#ip address 172.168.100.1/24 RFSwitch(config-if)#interface vlan 2000...
  • Page 508: Mac

    12-14 Motorola RF Switch CLI Reference Guide 12.1.9 mac  Interface Config Commands Applies a MAC access list (ACL) to Gigabit Ethernet interface NOTE: The access list cannot be applied on a management interface (me1). Supported in the following platforms: •...
  • Page 509: Management

    The TFTP/FTP server providing the switch its config file at startup must be accessible via this interface. VLAN 1 is the default management interface for the switch. Supported in the following platforms: • RFS7000 • RFS6000 • RFS4000 Syntax management Parameters...
  • Page 510 12-16 Motorola RF Switch CLI Reference Guide 12.1.11 no  Interface Config Commands Negates a command or sets its defaults Supported in the following platforms: • RFS7000 • RFS6000 • RFS4000 SWITCH NOTE: The following commands are not supported on RFS6000: •...
  • Page 511: Port-Channel

     Interface Config Commands Selects the load-balance criteria of an aggregated port Supported in the following platforms: • RFS7000 • RFS4000 SWITCH NOTE: RFS6000 does not support this command. Syntax port-channel load-balance [src-dst-ip|src-dst-mac] Parameters load-balance Sets load-balancing for port channel [src-dst-ip|src-dst-mac] •...
  • Page 512: Configuring A Port Aggregation

    12-18 Motorola RF Switch CLI Reference Guide The following example defines the load balance based on the IP or MAC address: RFSwitch(config)#interface sa1 RFSwitch(config-if)#port-channel load-balance src--dst-ip RFSwitch(config-if)# 12.1.12.1 Configuring a Port Aggregation for configuring port aggregation. Follow static-channel-group port-channel the steps below to configure port aggregation: 1.
  • Page 513 Interface Instance 12-19 5. Use the command to select the criteria used to determine which link is port-channel selected for a given packet. The port-channel selection is based on either source- destination IP or source destination MAC RFS7000(config-if)#port-channel load-balance src-dst-ip RFS7000(config-if)# The default port-channel criteria is based on source-destination IP.
  • Page 514 12-20 Motorola RF Switch CLI Reference Guide MAC> no matter what host the MU is accessing. But in src-dst-mac balancing, the same link is selected always.
  • Page 515: Power

    GE port is set to low. Power is applied in order of priority, power overlaods are removed in reverse order of priority. Supported in the following platforms: • RFS6000 • RFS4000 SWITCH NOTE: This command is not supported with: •...
  • Page 516 12-22 Motorola RF Switch CLI Reference Guide RFSwitch(config-if)#exit RFSwitch(config)#interface ge3 RFSwitch(config-if)#power priority critical RFSwitch(config-if)#exit RFSwitch(config)#show power configuration Power usage trap at 80% of max power (148 of 185 Watts) port Priority Power limit Enabled high 29.7W high 14.0W crit 29.7W high 29.7W...
  • Page 517: Service

    Interface Config Commands Invokes service commands to troubleshoot or debug the instance (config-if) configuration. Supported in the following platforms: • RFS7000 • RFS6000 • RFS4000 Syntax service show cli Parameters Displays the CLI tree of the current mode Example RFSwitch(config-if)#service show cli...
  • Page 518 12-24 Motorola RF Switch CLI Reference Guide +-<100-199> RFSwitch(config-if)#...
  • Page 519: Show

    Displays current system information running on the switch Supported in the following platforms: • RFS7000 • RFS6000 • RFS4000 SWITCH NOTE: The following commands display only for RFS6000 and RFS4000: • power The following commands display only for RFS7000 and RFS4000: • port-channel • static-channel-group Syntax show <parameter>...
  • Page 520 12-26 Motorola RF Switch CLI Reference Guide crypto encryption module debugging Debugging information outputs dhcp DHCP Server Configuration environment show environmental information file Display filesystem information firewall Wireless firewall Display FTP Server configuration history Display the session command history interfaces...
  • Page 521 Interface Instance 12-27 users Display information about currently logged in users version Display software & hardware version virtual-ip IP Redundancy Feature wireless Wireless configuration commands wlan-acl wlan based acl wwan Wireless wan interface RFSwitch(config-if)#show...
  • Page 522: Shutdown

    12-28 Motorola RF Switch CLI Reference Guide 12.1.16 shutdown  Interface Config Commands Disables the selected interface, the interface is administratively enabled unless explicitly disabled using this command Displays current system information running on the switch Supported in the following platforms: •...
  • Page 523: Spanning-Tree

    12.1.17 spanning-tree  Interface Config Commands Configures spanning tree parameters Displays current system information running on the switch. Supported in the following platforms: • RFS7000 • RFS6000 • RFS4000 Syntax spanning-tree [bpdufilter|bpduguard|edgeport|force-version| guard|link-type|mst|portfast] spanning-tree bpdufilter [enable|disable] spanning-tree bpduguard [enable|disable] spanning-tree [edgeport|portfast] spanning-tree force-version <1-3>...
  • Page 524 12-30 Motorola RF Switch CLI Reference Guide bpduguard [disable|enable] Use this command to enable or disable the BPDU guard feature on a port. Use the no parameter with this command to set the BPDU guard feature to default values. When the BPDU guard is set for a bridge, all portfast- enabled ports that have the BPDU-guard set to default shut down the port upon receiving a BPDU.
  • Page 525 Interface Instance 12-31 mst [<0-15> Configures MST values on a spanning tree [cost <1-200000000>| • <0-15> [cost <1-200000000>|port-priority <0-240>] – port-priority <0-240>]| Defines the Instance ID port-cisco-interoperability • cost <1-200000000> – Defines the path cost for a [disable|enable]] port • port-priority <0-240> – Defines the port priority for a bridge •...
  • Page 526: Speed

    12-32 Motorola RF Switch CLI Reference Guide 12.1.18 speed  Interface Config Commands Specifies the speed of a fast-ethernet (10/100) or a gigabit-ethernet port (10/100/1000) Displays current system information running on the switch. Supported in the following platforms: • RFS7000 •...
  • Page 527: Static-Channel-Group